Global infos:

A time-of-check-time-of-use (TOCTOU) race condition vulnerability was found in networkd-dispatcher. This flaw exists because there is a certain time between the scripts being discovered and them being run. An attacker can abuse this vulnerability to replace scripts that networkd-dispatcher believes to be owned by root with ones that are not.

CVE Status: Modified

References:

[email protected]

af854a3a-2127-422b-91ae-364da2661108

Metrics:

Attribute	Value
Attack Complexity	HIGH
Attack Vector	LOCAL
Availability Impact	NONE
Base Score	4.7
Base Severity	MEDIUM
Confidentiality Impact	NONE
Integrity Impact	HIGH
Privileges Required	LOW
Scope	UNCHANGED
User Interaction	NONE
Vector String	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N
Exploitability Score	1
Impact Score	3.6
Source	[email protected]
Type	Primary

Links:

Exploit-db
Github