10 matches found
SUSE CVE-2011-1019
The devload function in net/core/dev.c in the Linux kernel before 2.6.38 allows local users to bypass an intended CAPSYSMODULE capability requirement and load arbitrary modules by leveraging the CAPNETADMIN capability...
Privilege Escalation
The kernel contains privilege escalation. A flaw in devload could allow a local user who has the CAPNETADMIN capability to load arbitrary modules from "/lib/modules/", instead of only netdev modules...
Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2011-2015)
The remote Oracle Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2011-2015 advisory. - sctp: fix to calc the INIT/INIT-ACK chunk length correctly is set CVE-2011-1573 - dccp: fix oops on Reset after close CVE-2011-1093 - bridge:...
CVE-2011-1019
The devload function in net/core/dev.c in the Linux kernel before 2.6.38 allows local users to bypass an intended CAPSYSMODULE capability requirement and load arbitrary modules by leveraging the CAPNETADMIN capability...
Design/Logic Flaw
The devload function in net/core/dev.c in the Linux kernel before 2.6.38 allows local users to bypass an intended CAPSYSMODULE capability requirement and load arbitrary modules by leveraging the CAPNETADMIN capability...
CVE-2011-1019
The CVE-2011-1019 issue affects the Linux kernel up to version 2.6.38, where dev_load in net/core/dev.c allows local users with CAP_NET_ADMIN to bypass CAP_SYS_MODULE and load arbitrary modules. This constitutes a local privilege escalation. Remediation is to upgrade to kernel 2.6.38 or newer (as...
CVE-2011-1019
The devload function in net/core/dev.c in the Linux kernel before 2.6.38 allows local users to bypass an intended CAPSYSMODULE capability requirement and load arbitrary modules by leveraging the CAPNETADMIN capability...
Linux Kernel 'CAP_NET_ADMIN'未授权访问漏洞
Bugtraq ID: 47792 CVE ID:CVE-2011-1019 Linux是一款开放源代码的操作系统。 devload存在一个缺陷允许有CAPNETADMIN capability的本地用户从"/lib/modules/"装载任意模块,而本来只限装载与网络相关的模块如netdev。 Linux kernel 2.6.x 厂商解决方案 用户可参考如下供应商提供的安全公告获得补丁信息: https://bugzilla.redhat.com/showbug.cgi?id=680360...
kernel: CAP_SYS_MODULE bypass via CAP_NET_ADMIN
The devload function in net/core/dev.c in the Linux kernel before 2.6.38 allows local users to bypass an intended CAPSYSMODULE capability requirement and load arbitrary modules by leveraging the CAPNETADMIN capability...
CVE-2011-1019
The devload function in net/core/dev.c in the Linux kernel before 2.6.38 allows local users to bypass an intended CAPSYSMODULE capability requirement and load arbitrary modules by leveraging the CAPNETADMIN capability...