Security Advisory

CVE-2012-3520

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2012-10-03 10:00:00

Last updated 2024-08-06 20:05:12

Assigner redhat

State PUBLISHED

Description

The Netlink implementation in the Linux kernel before 3.2.30 does not properly handle messages that lack SCM_CREDENTIALS data, which might allow local users to spoof Netlink communication via a crafted message, as demonstrated by a message to (1) Avahi or (2) NetworkManager.

← Browse all CVEs View on cve.org ↗