Описание
Multiple stack-based buffer overflows in net/netfilter/ipvs/ip_vs_ctl.c in the Linux kernel before 2.6.33, when CONFIG_IP_VS is used, allow local users to gain privileges by leveraging the CAP_NET_ADMIN capability for (1) a getsockopt system call, related to the do_ip_vs_get_ctl function, or (2) a setsockopt system call, related to the do_ip_vs_set_ctl function. A user/program with CAP_NET_ADMIN privileges could use this flaw to further escalate their privileges on a system.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 3.11.0-12.19 |
| lucid | released | 2.6.32-55.117 |
| precise | not-affected | 3.1.0-1.1 |
| quantal | not-affected | 3.4.0-1.1 |
| raring | not-affected | 3.7.0-0.5 |
| saucy | not-affected | 3.9.0-0.2 |
| upstream | released | 2.6.33~rc4 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| lucid | DNE | |
| precise | not-affected | 3.2.0-1600.1 |
| quantal | not-affected | 3.2.0-1602.5 |
| raring | DNE | |
| saucy | DNE | |
| upstream | released | 2.6.33~rc4 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| lucid | released | 2.6.32-360.73 |
| precise | DNE | |
| quantal | DNE | |
| raring | DNE | |
| saucy | DNE | |
| upstream | released | 2.6.33~rc4 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| lucid | ignored | end of life |
| precise | DNE | |
| quantal | DNE | |
| raring | DNE | |
| saucy | DNE | |
| upstream | released | 2.6.33~rc4 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| lucid | DNE | |
| precise | ignored | end of life |
| quantal | ignored | end of life |
| raring | DNE | |
| saucy | DNE | |
| upstream | released | 2.6.33~rc4 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| lucid | DNE | |
| precise | ignored | end of life |
| quantal | ignored | end of life |
| raring | DNE | |
| saucy | DNE | |
| upstream | released | 2.6.33~rc4 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| lucid | DNE | |
| precise | ignored | end of life |
| quantal | ignored | end of life |
| raring | DNE | |
| saucy | DNE | |
| upstream | released | 2.6.33~rc4 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| lucid | DNE | |
| precise | not-affected | 3.5.0-18.29~precise1 |
| quantal | DNE | |
| raring | DNE | |
| saucy | DNE | |
| upstream | released | 2.6.33~rc4 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| lucid | DNE | |
| precise | not-affected | 3.8.0-19.30~precise1 |
| quantal | DNE | |
| raring | DNE | |
| saucy | DNE | |
| upstream | released | 2.6.33~rc4 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| lucid | DNE | |
| precise | not-affected | 3.11.0-13.20~precise2 |
| quantal | DNE | |
| raring | DNE | |
| saucy | DNE | |
| upstream | released | 2.6.33~rc4 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| lucid | ignored | end of life |
| precise | DNE | |
| quantal | DNE | |
| raring | DNE | |
| saucy | DNE | |
| upstream | released | 2.6.33~rc4 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| lucid | ignored | end of life |
| precise | ignored | end of life |
| quantal | ignored | end of life |
| raring | DNE | |
| saucy | DNE | |
| upstream | released | 2.6.33~rc4 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | ignored | |
| lucid | DNE | |
| precise | not-affected | 3.0.0-1401.2 |
| quantal | not-affected | 3.4.0-201.2 |
| raring | not-affected | 3.5.0-213.20 |
| saucy | not-affected | 3.5.0-223.34 |
| upstream | released | 2.6.33~rc4 |
Показывать по
Ссылки на источники
EPSS
6.9 Medium
CVSS2
7 High
CVSS3
Связанные уязвимости
Multiple stack-based buffer overflows in net/netfilter/ipvs/ip_vs_ctl.c in the Linux kernel before 2.6.33, when CONFIG_IP_VS is used, allow local users to gain privileges by leveraging the CAP_NET_ADMIN capability for (1) a getsockopt system call, related to the do_ip_vs_get_ctl function, or (2) a setsockopt system call, related to the do_ip_vs_set_ctl function.
Multiple stack-based buffer overflows in net/netfilter/ipvs/ip_vs_ctl.c in the Linux kernel before 2.6.33, when CONFIG_IP_VS is used, allow local users to gain privileges by leveraging the CAP_NET_ADMIN capability for (1) a getsockopt system call, related to the do_ip_vs_get_ctl function, or (2) a setsockopt system call, related to the do_ip_vs_set_ctl function.
Multiple stack-based buffer overflows in net/netfilter/ipvs/ip_vs_ctl. ...
Multiple stack-based buffer overflows in net/netfilter/ipvs/ip_vs_ctl.c in the Linux kernel before 2.6.33, when CONFIG_IP_VS is used, allow local users to gain privileges by leveraging the CAP_NET_ADMIN capability for (1) a getsockopt system call, related to the do_ip_vs_get_ctl function, or (2) a setsockopt system call, related to the do_ip_vs_set_ctl function.
EPSS
6.9 Medium
CVSS2
7 High
CVSS3