CVE-2011-1080

2012-06-21T23:55:00
ID CVE-2011-1080
Type cve
Reporter cve@mitre.org
Modified 2015-05-06T01:59:00

Description

The do_replace function in net/bridge/netfilter/ebtables.c in the Linux kernel before 2.6.39 does not ensure that a certain name field ends with a '\0' character, which allows local users to obtain potentially sensitive information from kernel stack memory by leveraging the CAP_NET_ADMIN capability to replace a table, and then reading a modprobe command line.