VDB

GSD-2011-1080

GSD-2011-1080 PUBLISHED

The do_replace function in net/bridge/netfilter/ebtables.c in the Linux kernel before 2.6.39 does not ensure that a certain name field ends with a '\0' character, which allows local users to obtain potentially sensitive information from kernel stack memory by leveraging the CAP_NET_ADMIN capability to replace a table, and then reading a modprobe command line.

Affected Products

VendorProductVersions
n/an/a*

Timeline

  • Nov 3, 2009 CVE Published
Open in Interactive Console →
$ Console Community · 100/wk Open console ›