CVE-2011-1080

Priority
Description
The do_replace function in net/bridge/netfilter/ebtables.c in the Linux
kernel before 2.6.39 does not ensure that a certain name field ends with a
'\0' character, which allows local users to obtain potentially sensitive
information from kernel stack memory by leveraging the CAP_NET_ADMIN
capability to replace a table, and then reading a modprobe command line.
Ubuntu-Description
Vasiliy Kulikov discovered that bridge network filtering did not check that
name fields were NULL terminated. A local attacker could exploit this to
leak contents of kernel stack memory, leading to a loss of privacy.
Package
Source: linux (LP Ubuntu Debian)
Upstream:released (2.6.39~rc1)
Patches:
Introduced by 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2Fixed by d846f71195d57b0bbb143382647c2c6638b04c5a
Package
Upstream:released (2.6.39~rc1)
Package
Upstream:released (2.6.39~rc1)
Package
Upstream:released (2.6.39~rc1)
Package
Upstream:released (2.6.39~rc1)
Package
Upstream:released (2.6.39~rc1)
Package
Upstream:released (2.6.39~rc1)
Package
Upstream:released (2.6.39~rc1)
More Information

Updated: 2019-01-14 21:56:33 UTC (commit 51f9b73af244ba86b9321e46e526586c25a8e060)