diff options
| author | Salvatore Bonaccorso <carnil@debian.org> | 2020-09-03 21:31:34 +0200 |
|---|---|---|
| committer | Salvatore Bonaccorso <carnil@debian.org> | 2020-09-03 21:31:34 +0200 |
| commit | 23de317952172b31b157073cd88f7c75a2c20587 (patch) | |
| tree | a722f4d49027ad00c0c2fc17db0bcd6d39439c05 | |
| parent | dc9e1080c637814b22a2f231223a0cee210a41b2 (diff) | |
Expand note to cover exploitability
| -rw-r--r-- | active/CVE-2020-14386 | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/active/CVE-2020-14386 b/active/CVE-2020-14386 index beddd64c..afdce4eb 100644 --- a/active/CVE-2020-14386 +++ b/active/CVE-2020-14386 @@ -2,6 +2,10 @@ Description: net/packet: fix overflow in tpacket_rcv References: https://www.openwall.com/lists/oss-security/2020/09/03/3 Notes: + carnil> To create AF_PACKET sockets one needs CAP_NET_RAW in the + carnil> network namepsace, which could be aquired by unprivileged + carnil> processes on systems where unprivileged namespaces are enabled. + carnil> Debian does not enable those. Bugs: upstream: needed 4.19-upstream-stable: needed |