Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-1080

Overview

Vulnerability Score 2.1 2.1
CVE Id CVE-2011-1080
Last Modified 05 May 2015 09:59:06
Published 21 Jun 2012 07:55:02
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2011-1080

Summary

The do_replace function in net/bridge/netfilter/ebtables.c in the Linux kernel before 2.6.39 does not ensure that a certain name field ends with a '\0' character, which allows local users to obtain potentially sensitive information from kernel stack memory by leveraging the CAP_NET_ADMIN capability to replace a table, and then reading a modprobe command line.

Vulnerable Systems

Operating System

  • Linux Kernel 2.6.38

  • Linux Kernel 2.6.38.1

  • Linux Kernel 2.6.38.2

  • Linux Kernel 2.6.38.3

  • Linux Kernel 2.6.38.4

  • Linux Kernel 2.6.38.5

  • Linux Kernel 2.6.38.6

  • Linux Kernel 2.6.38.7

  • Linux Kernel 2.6.38.8


References

CONFIRM - https://github.com/torvalds/linux/commit/d846f71195d57b0bbb143382647c2c6638b04c5a

CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=681262

MLIST - [oss-security] 20110301 Re: CVE request: kernel: two bluetooth and one ebtables infoleaks/DoSes

CONFIRM - http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=d846f71195d57b0bbb143382647c2c6638b04c5a

CONFIRM - http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39

REDHAT - RHSA-2011:0833

CONFIRM - http://downloads.avaya.com/css/P8/documents/100145416

Related Patches

Novell SUSE 2011:4884 kernel security update for SLE 11 SP1 i586

Novell SUSE 2012:7915 kernel security update for SLE 10 SP4 x86_64

Novell SUSE 2012:7918 kernel security update for SLE 10 SP4 i586


Last Updated: 27 May 2016 10:56:34