Описание
The dev_load function in net/core/dev.c in the Linux kernel before 2.6.38 allows local users to bypass an intended CAP_SYS_MODULE capability requirement and load arbitrary modules by leveraging the CAP_NET_ADMIN capability.
Ссылки
- Broken Link
- Mailing ListThird Party Advisory
- Issue TrackingPatchThird Party Advisory
- ExploitPatchThird Party Advisory
- Broken Link
- Mailing ListThird Party Advisory
- Issue TrackingPatchThird Party Advisory
- ExploitPatchThird Party Advisory
Уязвимые конфигурации
EPSS
1.9 Low
CVSS2
Дефекты
Связанные уязвимости
The dev_load function in net/core/dev.c in the Linux kernel before 2.6.38 allows local users to bypass an intended CAP_SYS_MODULE capability requirement and load arbitrary modules by leveraging the CAP_NET_ADMIN capability.
The dev_load function in net/core/dev.c in the Linux kernel before 2.6.38 allows local users to bypass an intended CAP_SYS_MODULE capability requirement and load arbitrary modules by leveraging the CAP_NET_ADMIN capability.
The dev_load function in net/core/dev.c in the Linux kernel before 2.6 ...
The dev_load function in net/core/dev.c in the Linux kernel before 2.6.38 allows local users to bypass an intended CAP_SYS_MODULE capability requirement and load arbitrary modules by leveraging the CAP_NET_ADMIN capability.
ELSA-2011-2015: Oracle Linux 6 Unbreakable Enterprise kernel security fix update (IMPORTANT)
EPSS
1.9 Low
CVSS2