Back to search
CVE-2011-1171
Published: Jun 22, 2011
Modified: Aug 6, 2024
PUBLISHED
Description
net/ipv4/netfilter/ip_tables.c in the IPv4 implementation in the Linux kernel before 2.6.39 does not place the expected '\0' character at the end of string data in the values of certain structure members, which allows local users to obtain potentially sensitive information from kernel memory by leveraging the CAP_NET_ADMIN capability to issue a crafted request, and then reading the argument to the resulting modprobe process.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
8283
third-party-advisory
x_refsource_SREASON
[oss-security] 20110318 CVE request: kernel: netfilter & econet infoleaks
mailing-list
x_refsource_MLIST
https://bugzilla.redhat.com/show_bug.cgi?id=689327
x_refsource_CONFIRM
[linux-kernel] 20110310 [PATCH] ipv4: netfilter: ip_tables: fix infoleak to userspace
mailing-list
x_refsource_MLIST
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39
x_refsource_CONFIRM
RHSA-2011:0833
vendor-advisory
x_refsource_REDHAT
http://downloads.avaya.com/css/P8/documents/100145416
x_refsource_CONFIRM
[oss-security] 20110321 Re: CVE request: kernel: netfilter & econet infoleaks
mailing-list
x_refsource_MLIST
8278
third-party-advisory
x_refsource_SREASON
[oss-security] 20110321 Re: CVE request: kernel: netfilter & econet infoleaks
mailing-list
x_refsource_MLIST
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now