CVE Vulnerabilities

CVE-2019-17055

Missing Authorization

Published: Oct 01, 2019 | Modified: Nov 07, 2023
CVSS 3.x
3.3
LOW
Source:
NVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
CVSS 2.x
2.1 LOW
AV:L/AC:L/Au:N/C:N/I:P/A:N
RedHat/V2
RedHat/V3
4 MODERATE
CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Ubuntu
MEDIUM

base_sock_create in drivers/isdn/mISDN/socket.c in the AF_ISDN network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-b91ee4aa2a21.

Weakness

The product does not perform an authorization check when an actor attempts to access a resource or perform an action.

Affected Software

Name Vendor Start Version End Version
Linux_kernel Linux * 5.3.2 (including)
Red Hat Enterprise Linux 6 RedHat kernel-0:2.6.32-754.28.1.el6 *
Red Hat Enterprise Linux 7 RedHat kernel-rt-0:3.10.0-1160.rt56.1131.el7 *
Red Hat Enterprise Linux 7 RedHat kernel-0:3.10.0-1160.el7 *
Red Hat Enterprise Linux 8 RedHat kernel-rt-0:4.18.0-193.rt13.51.el8 *
Red Hat Enterprise Linux 8 RedHat kernel-0:4.18.0-193.el8 *
Linux Ubuntu bionic *
Linux Ubuntu disco *
Linux Ubuntu esm-infra/bionic *
Linux Ubuntu esm-infra/xenial *
Linux Ubuntu precise/esm *
Linux Ubuntu trusty *
Linux Ubuntu trusty/esm *
Linux Ubuntu upstream *
Linux Ubuntu xenial *
Linux-aws Ubuntu bionic *
Linux-aws Ubuntu disco *
Linux-aws Ubuntu esm-infra/bionic *
Linux-aws Ubuntu esm-infra/xenial *
Linux-aws Ubuntu trusty *
Linux-aws Ubuntu trusty/esm *
Linux-aws Ubuntu upstream *
Linux-aws Ubuntu xenial *
Linux-aws-5.0 Ubuntu upstream *
Linux-aws-hwe Ubuntu esm-infra/xenial *
Linux-aws-hwe Ubuntu upstream *
Linux-aws-hwe Ubuntu xenial *
Linux-azure Ubuntu bionic *
Linux-azure Ubuntu disco *
Linux-azure Ubuntu esm-infra/bionic *
Linux-azure Ubuntu esm-infra/xenial *
Linux-azure Ubuntu trusty *
Linux-azure Ubuntu trusty/esm *
Linux-azure Ubuntu upstream *
Linux-azure Ubuntu xenial *
Linux-azure-5.3 Ubuntu upstream *
Linux-azure-edge Ubuntu bionic *
Linux-azure-edge Ubuntu esm-infra/bionic *
Linux-azure-edge Ubuntu upstream *
Linux-azure-edge Ubuntu xenial *
Linux-gcp Ubuntu bionic *
Linux-gcp Ubuntu disco *
Linux-gcp Ubuntu esm-infra/bionic *
Linux-gcp Ubuntu esm-infra/xenial *
Linux-gcp Ubuntu upstream *
Linux-gcp Ubuntu xenial *
Linux-gcp-5.3 Ubuntu upstream *
Linux-gcp-edge Ubuntu bionic *
Linux-gcp-edge Ubuntu esm-infra/bionic *
Linux-gcp-edge Ubuntu upstream *
Linux-gke-4.15 Ubuntu bionic *
Linux-gke-4.15 Ubuntu esm-infra/bionic *
Linux-gke-4.15 Ubuntu upstream *
Linux-gke-5.0 Ubuntu bionic *
Linux-gke-5.0 Ubuntu upstream *
Linux-gke-5.3 Ubuntu upstream *
Linux-hwe Ubuntu bionic *
Linux-hwe Ubuntu esm-infra/bionic *
Linux-hwe Ubuntu esm-infra/xenial *
Linux-hwe Ubuntu upstream *
Linux-hwe Ubuntu xenial *
Linux-hwe-edge Ubuntu bionic *
Linux-hwe-edge Ubuntu esm-infra/bionic *
Linux-hwe-edge Ubuntu esm-infra/xenial *
Linux-hwe-edge Ubuntu upstream *
Linux-hwe-edge Ubuntu xenial *
Linux-kvm Ubuntu bionic *
Linux-kvm Ubuntu disco *
Linux-kvm Ubuntu esm-infra/bionic *
Linux-kvm Ubuntu esm-infra/xenial *
Linux-kvm Ubuntu upstream *
Linux-kvm Ubuntu xenial *
Linux-lts-trusty Ubuntu precise/esm *
Linux-lts-trusty Ubuntu upstream *
Linux-lts-xenial Ubuntu trusty *
Linux-lts-xenial Ubuntu trusty/esm *
Linux-lts-xenial Ubuntu upstream *
Linux-oem Ubuntu bionic *
Linux-oem Ubuntu disco *
Linux-oem Ubuntu eoan *
Linux-oem Ubuntu esm-infra/bionic *
Linux-oem Ubuntu upstream *
Linux-oem Ubuntu xenial *
Linux-oem-5.6 Ubuntu upstream *
Linux-oem-osp1 Ubuntu bionic *
Linux-oem-osp1 Ubuntu disco *
Linux-oem-osp1 Ubuntu eoan *
Linux-oem-osp1 Ubuntu upstream *
Linux-oracle Ubuntu bionic *
Linux-oracle Ubuntu disco *
Linux-oracle Ubuntu esm-infra/bionic *
Linux-oracle Ubuntu esm-infra/xenial *
Linux-oracle Ubuntu upstream *
Linux-oracle Ubuntu xenial *
Linux-oracle-5.0 Ubuntu upstream *
Linux-oracle-5.3 Ubuntu upstream *
Linux-raspi2 Ubuntu bionic *
Linux-raspi2 Ubuntu disco *
Linux-raspi2 Ubuntu upstream *
Linux-raspi2 Ubuntu xenial *
Linux-raspi2-5.3 Ubuntu upstream *
Linux-snapdragon Ubuntu bionic *
Linux-snapdragon Ubuntu disco *
Linux-snapdragon Ubuntu upstream *
Linux-snapdragon Ubuntu xenial *

Extended Description

Assuming a user with a given identity, authorization is the process of determining whether that user can access a given resource, based on the user’s privileges and any permissions or other access-control specifications that apply to the resource. When access control checks are not applied, users are able to access data or perform actions that they should not be allowed to perform. This can lead to a wide range of problems, including information exposures, denial of service, and arbitrary code execution.

Potential Mitigations

  • Divide the product into anonymous, normal, privileged, and administrative areas. Reduce the attack surface by carefully mapping roles with data and functionality. Use role-based access control (RBAC) [REF-229] to enforce the roles at the appropriate boundaries.
  • Note that this approach may not protect against horizontal authorization, i.e., it will not protect a user from attacking others with the same role.
  • Use a vetted library or framework that does not allow this weakness to occur or provides constructs that make this weakness easier to avoid.
  • For example, consider using authorization frameworks such as the JAAS Authorization Framework [REF-233] and the OWASP ESAPI Access Control feature [REF-45].
  • For web applications, make sure that the access control mechanism is enforced correctly at the server side on every page. Users should not be able to access any unauthorized functionality or information by simply requesting direct access to that page.
  • One way to do this is to ensure that all pages containing sensitive information are not cached, and that all such pages restrict access to requests that are accompanied by an active and authenticated session token associated with a user who has the required permissions to access that page.

References