Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
uml_net in the kernel-utils package for Red Hat Linux 8.0 has incorrect setuid root privileges, which allows local users to modify network interfaces, e.g. by modifying ARP entries or placing interfaces into promiscuous mode.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
RedHat Linux User Mode Linux SetUID安装漏洞
Vulnerability Description
RedHat是一款免费开放源代码的Linux操作系统,其中kernel-util包包含多个工具用来控制内核或者机器硬件,Redhat 8.0包含User Mode Linux(UML)工具。 uml_net工具安装权限不正确,本地攻击者可以利用这个漏洞以高权限执行各种恶意活动。 RedHat8.0默认包含的kernel-utils包中的uml_net工具不正确地以setuid root属性安装,可允许本地用户利用此工具控制部分网络接口,增加和删除ARP条目和路由,并可以把接口置于混杂模式。
CVSS Information
N/A
Vulnerability Type
N/A