Pablo Neira Ayuso

5 exploits. Active since May 2016.
CVE-2012-6689 HIGH WRITEUP
Linux Kernel < 3.0.44 - Improper Access Control
The netlink_sendmsg function in net/netlink/af_netlink.c in the Linux kernel before 3.5.5 does not validate the dst_pid field, which allows local users to have an unspecified impact by spoofing Netlink messages.
CVSS 7.8
CVE-2015-1573 MEDIUM WRITEUP
Linux Kernel < 3.18.5 - DoS
The nft_flush_table function in net/netfilter/nf_tables_api.c in the Linux kernel before 3.18.5 mishandles the interaction between cross-chain jumps and ruleset flushes, which allows local users to cause a denial of service (panic) by leveraging the CAP_NET_ADMIN capability.
CVSS 5.5
CVE-2018-1065 MEDIUM WRITEUP
Linux Kernel < 4.15.7 - NULL Pointer Dereference
The netfilter subsystem in the Linux kernel through 4.15.7 mishandles the case of a rule blob that contains a jump but lacks a user-defined chain, which allows local users to cause a denial of service (NULL pointer dereference) by leveraging the CAP_NET_RAW or CAP_NET_ADMIN capability, related to arpt_do_table in net/ipv4/netfilter/arp_tables.c, ipt_do_table in net/ipv4/netfilter/ip_tables.c, and ip6t_do_table in net/ipv6/netfilter/ip6_tables.c.
CVSS 4.7
CVE-2022-39190 MEDIUM WRITEUP
Linux Kernel < 5.19.6 - Denial of Service
An issue was discovered in net/netfilter/nf_tables_api.c in the Linux kernel before 5.19.6. A denial of service can occur upon binding to an already bound chain.
CVSS 5.5
CVE-2023-6622 MEDIUM WRITEUP
Linux Kernel - DoS
A null pointer dereference vulnerability was found in nft_dynset_init() in net/netfilter/nft_dynset.c in nf_tables in the Linux kernel. This issue may allow a local attacker with CAP_NET_ADMIN user privilege to trigger a denial of service.
CVSS 5.5