Lucene search
K

267 matches found

redhat
redhat
added 2011/02/16 3:9 p.m.7 views

kernel: heap contents leak for CAP_NET_ADMIN via ethtool ioctl

net/core/ethtool.c in the Linux kernel before 2.6.36 does not initialize certain data structures, which allows local users to obtain potentially sensitive information from kernel heap memory by leveraging the CAPNETADMIN capability for an ethtool ioctl call...

5.5CVSS6.1AI score0.00397EPSS
Exploits1References4
ptsecurity
ptsecurity
added 2011/02/16 12:0 a.m.5 views

PT-2011-1619 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 2.6.36 Description: The issue allows local users to obtain potentially sensitive information from kernel heap memory. This is possible by leveraging the CAP NET ADMIN capability for an ethtool ioctl call, due to...

7.8CVSS5.9AI score0.0389EPSS
Exploits8References64
redhat
redhat
added 2009/04/01 8:23 a.m.7 views

kernel: skfp_ioctl inverted logic flaw

The skfpioctl function in drivers/net/skfp/skfddi.c in the Linux kernel before 2.6.28.6 permits SKFPCLRSTATS requests only when the CAPNETADMIN capability is absent, instead of when this capability is present, which allows local users to reset the driver statistics, related to an "inverted logic"...

2.1CVSS6.1AI score0.00401EPSS
Exploits1References4
redhat
redhat
added 2006/10/05 7:16 p.m.6 views

security flaw

Race condition in the doaddcounters function in netfilter for Linux kernel 2.6.16 allows local users with CAPNETADMIN capabilities to read kernel memory by triggering the race condition in a way that produces a size value that is inconsistent with allocated memory, which leads to a buffer over-re...

4.7CVSS5.9AI score0.00296EPSS
Exploits0References4
ptsecurity
ptsecurity
added 2006/05/19 12:0 a.m.3 views

PT-2006-1130 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel version 2.6.16 Description: A race condition exists in the do add counters function in netfilter for the Linux kernel, allowing local users with CAP NET ADMIN capabilities to read kernel memory. This is achieved by triggering the...

7.8CVSS7.3AI score0.04722EPSS
Exploits1References128
ptsecurity
ptsecurity
added 2006/03/22 12:0 a.m.3 views

PT-2006-1129 · Linux +2 · Netfilter +3

Name of the Vulnerable Software and Affected Versions: Linux versions prior to 2.6.16-rc3 Description: The issue is related to an integer overflow in the do replace function in netfilter for Linux. This can be exploited by local users with CAP NET ADMIN rights to cause a buffer overflow in the co...

9CVSS7.6AI score0.06797EPSS
Exploits0References263
redhat
redhat
added 2005/09/28 2:17 p.m.7 views

security flaw

Linux kernel 2.6.x does not properly restrict socket policy access to users with the CAPNETADMIN capability, which could allow local users to conduct unauthorized activities via 1 ipv4/ipsockglue.c and 2 ipv6/ipv6sockglue.c...

4.6CVSS5.8AI score0.00446EPSS
Exploits0References4
Rows per page
Query Builder