CVE-2011-1019 (retired)

Priority
Description
The dev_load function in net/core/dev.c in the Linux kernel before 2.6.38
allows local users to bypass an intended CAP_SYS_MODULE capability
requirement and load arbitrary modules by leveraging the CAP_NET_ADMIN
capability.
Ubuntu-Description
Vasiliy Kulikov discovered that the CAP_SYS_MODULE capability was not
needed to load kernel modules. A local attacker with the CAP_NET_ADMIN
capability could load existing kernel modules, possibly increasing the
attack surface available on the system.
Package
Source: linux (LP Ubuntu Debian)
Upstream:released (2.6.38)
Patches:
Introduced by a8f80e8ff94ecba629542d9b4b5f5a8ee3eb565cFixed by 8909c9ad8ff03611c9c96c9a92656213e4bb495b
Package
Upstream:released (2.6.38)
Package
Upstream:released (2.6.38)
Package
Upstream:released (2.6.38)
Package
Upstream:released (2.6.38)
Package
Upstream:released (2.6.38)
Package
Upstream:released (2.6.38)
Package
Upstream:released (2.6.38)
More Information

Updated: 2019-03-26 11:55:33 UTC (commit ccdecfcf0fead22bd291e5f4ea745a46872dcb15)