267 matches found
kernel: heap contents leak for CAP_NET_ADMIN via ethtool ioctl
net/core/ethtool.c in the Linux kernel before 2.6.36 does not initialize certain data structures, which allows local users to obtain potentially sensitive information from kernel heap memory by leveraging the CAPNETADMIN capability for an ethtool ioctl call...
PT-2011-1619 · Linux +1 · Linux Kernel +1
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 2.6.36 Description: The issue allows local users to obtain potentially sensitive information from kernel heap memory. This is possible by leveraging the CAP NET ADMIN capability for an ethtool ioctl call, due to...
kernel: skfp_ioctl inverted logic flaw
The skfpioctl function in drivers/net/skfp/skfddi.c in the Linux kernel before 2.6.28.6 permits SKFPCLRSTATS requests only when the CAPNETADMIN capability is absent, instead of when this capability is present, which allows local users to reset the driver statistics, related to an "inverted logic"...
security flaw
Race condition in the doaddcounters function in netfilter for Linux kernel 2.6.16 allows local users with CAPNETADMIN capabilities to read kernel memory by triggering the race condition in a way that produces a size value that is inconsistent with allocated memory, which leads to a buffer over-re...
PT-2006-1130 · Linux +1 · Linux Kernel +1
Name of the Vulnerable Software and Affected Versions: Linux kernel version 2.6.16 Description: A race condition exists in the do add counters function in netfilter for the Linux kernel, allowing local users with CAP NET ADMIN capabilities to read kernel memory. This is achieved by triggering the...
PT-2006-1129 · Linux +2 · Netfilter +3
Name of the Vulnerable Software and Affected Versions: Linux versions prior to 2.6.16-rc3 Description: The issue is related to an integer overflow in the do replace function in netfilter for Linux. This can be exploited by local users with CAP NET ADMIN rights to cause a buffer overflow in the co...
security flaw
Linux kernel 2.6.x does not properly restrict socket policy access to users with the CAPNETADMIN capability, which could allow local users to conduct unauthorized activities via 1 ipv4/ipsockglue.c and 2 ipv6/ipv6sockglue.c...