Kernel Stack Memory Disclosure in Linux Kernel

Kernel Stack Memory Disclosure in Linux Kernel

CVE-2011-1080 · LOW Severity

AV:L/AC:L/AU:N/C:P/I:N/A:N

The do_replace function in net/bridge/netfilter/ebtables.c in the Linux kernel before 2.6.39 does not ensure that a certain name field ends with a '\0' character, which allows local users to obtain potentially sensitive information from kernel stack memory by leveraging the CAP_NET_ADMIN capability to replace a table, and then reading a modprobe command line.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.