Bypassing CAP_SYS_MODULE Requirement in Linux Kernel

Bypassing CAP_SYS_MODULE Requirement in Linux Kernel

CVE-2011-1019 · LOW Severity

AV:L/AC:M/AU:N/C:N/I:P/A:N

The dev_load function in net/core/dev.c in the Linux kernel before 2.6.38 allows local users to bypass an intended CAP_SYS_MODULE capability requirement and load arbitrary modules by leveraging the CAP_NET_ADMIN capability.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.