CVE-2019-20795

Name of the Vulnerable Software and Affected Versions iproute2 versions prior to 5.1.0

Description The issue is related to a use-after-free in the get netnsid from name function in ip/ipnetns.c. This may have limited security relevance, particularly in certain configurations where setuid is used, although other factors such as C library configuration may affect exploitability.

Recommendations For versions prior to 5.1.0, update to version 5.1.0 or later to resolve the issue. As a temporary workaround, consider restricting the use of setuid configurations to minimize the risk of exploitation.