CVE-2020-26088 — Incorrect Default Permissions in Kernel
Severity
5.5MEDIUMNVD
EPSS
0.0%
top 97.76%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedSep 24
Latest updateMay 24
Description
A missing CAP_NET_RAW check in NFC socket creation in net/nfc/rawsock.c in the Linux kernel before 5.8.2 could be used by local attackers to create raw sockets, bypassing security mechanisms, aka CID-26896f01467a.
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:NExploitability: 1.8 | Impact: 3.6
Affected Packages3 packages
Also affects: Debian Linux 9.0, Ubuntu Linux 14.04, 16.04, 18.04
Patches
🔴Vulnerability Details
3GHSA▶
GHSA-mv8q-jr3c-hxp6: A missing CAP_NET_RAW check in NFC socket creation in net/nfc/rawsock↗2022-05-24
CVEList
▶
OSV
▶
📋Vendor Advisories
4Microsoft▶
A missing CAP_NET_RAW check in NFC socket creation in net/nfc/rawsock.c in the Linux kernel before 5.8.2 could be used by local attackers to create raw sockets bypassing security mechanisms aka CID-26↗2020-09-08
Red Hat▶
kernel: missing CAP_NET_RAW check in NFC socket creation in net/nfc/rawsock.c allows local attackers to create raw sockets↗2020-08-11
Debian▶
CVE-2020-26088: linux - A missing CAP_NET_RAW check in NFC socket creation in net/nfc/rawsock.c in the L...↗2020
💬Community
2Bugzilla▶
CVE-2020-26088 kernel: missing CAP_NET_RAW check in NFC socket creation in net/nfc/rawsock.c allows local attackers to create raw sockets↗2020-09-24
Bugzilla▶
CVE-2020-26088 kernel: missing CAP_NET_RAW check in NFC socket creation in net/nfc/rawsock.c allows local attackers to create raw sockets [fedora-all]↗2020-09-24