Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2011-1080

Опубликовано: 14 фев. 2011
Источник: redhat
CVSS2: 1.7

Описание

The do_replace function in net/bridge/netfilter/ebtables.c in the Linux kernel before 2.6.39 does not ensure that a certain name field ends with a '\0' character, which allows local users to obtain potentially sensitive information from kernel stack memory by leveraging the CAP_NET_ADMIN capability to replace a table, and then reading a modprobe command line.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 4kernelAffected
MRG for RHEL-5kernel-rtFixedRHSA-2011:050010.05.2011
Red Hat Enterprise Linux 5kernelFixedRHSA-2011:083331.05.2011
Red Hat Enterprise Linux 6kernelFixedRHSA-2011:049810.05.2011

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low
https://bugzilla.redhat.com/show_bug.cgi?id=681262kernel: ebtables stack infoleak

1.7 Low

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2011-1080

ubuntu
больше 13 лет назад

The do_replace function in net/bridge/netfilter/ebtables.c in the Linux kernel before 2.6.39 does not ensure that a certain name field ends with a '\0' character, which allows local users to obtain potentially sensitive information from kernel stack memory by leveraging the CAP_NET_ADMIN capability to replace a table, and then reading a modprobe command line.

nvd логотип

CVE-2011-1080

nvd
больше 13 лет назад

The do_replace function in net/bridge/netfilter/ebtables.c in the Linux kernel before 2.6.39 does not ensure that a certain name field ends with a '\0' character, which allows local users to obtain potentially sensitive information from kernel stack memory by leveraging the CAP_NET_ADMIN capability to replace a table, and then reading a modprobe command line.

debian логотип

CVE-2011-1080

debian
больше 13 лет назад

The do_replace function in net/bridge/netfilter/ebtables.c in the Linu ...

github логотип

GHSA-8xjm-4hrh-pmh2

github
больше 3 лет назад

The do_replace function in net/bridge/netfilter/ebtables.c in the Linux kernel before 2.6.39 does not ensure that a certain name field ends with a '\0' character, which allows local users to obtain potentially sensitive information from kernel stack memory by leveraging the CAP_NET_ADMIN capability to replace a table, and then reading a modprobe command line.

oracle-oval логотип

ELSA-2011-2015

oracle-oval
больше 14 лет назад

ELSA-2011-2015: Oracle Linux 6 Unbreakable Enterprise kernel security fix update (IMPORTANT)

1.7 Low

CVSS2

Уязвимость CVE-2011-1080