net: psp: require admin permission for dev-set and key-rotate
3Vexday Risk Score
No sign of exploitation. No public exploitation artifact known so far.
ssvc Trackepss 0.1%
exploitation probability
0.1%top 97% of all CVEs
observed exploitation
nono source reports it
In the Linux kernel, the following vulnerability has been resolved:
net: psp: require admin permission for dev-set and key-rotate
The dev-set and key-rotate netlink operations modify shared device
state (PSP version configuration and cryptographic key material,
respectively) but do not require CAP_NET_ADMIN. The only access
control is psp_dev_check_access() which merely verifies netns
membership.
Affected products
Linux · Linux