{"id":"CVE-2019-20795","details":"iproute2 before 5.1.0 has a use-after-free in get_netnsid_from_name in ip/ipnetns.c. NOTE: security relevance may be limited to certain uses of setuid that, although not a default, are sometimes a configuration option offered to end users. Even when setuid is used, other factors (such as C library configuration) may block exploitability.","modified":"2026-03-14T14:43:07.591315Z","published":"2020-05-09T21:15:10.913Z","related":["SUSE-SU-2021:3452-1"],"references":[{"type":"ADVISORY","url":"https://security.gentoo.org/glsa/202008-06"},{"type":"ADVISORY","url":"https://usn.ubuntu.com/4357-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/show_bug.cgi?id=1171452"},{"type":"FIX","url":"https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/commit/?id=9bf2c538a0eb10d66e2365a655bf6c52f5ba3d10"}],"affected":[{"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-20795.json","unresolved_ranges":[{"events":[{"introduced":"0"},{"fixed":"5.1.0"}]},{"events":[{"introduced":"0"},{"last_affected":"18.04"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}]}