Vulnerability: Improper Restriction of User-Space Access to VLAN Tag Control Information in Linux Kernel

Vulnerability: Improper Restriction of User-Space Access to VLAN Tag Control Information in Linux Kernel

CVE-2011-2898 · MEDIUM Severity

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

net/packet/af_packet.c in the Linux kernel before 2.6.39.3 does not properly restrict user-space access to certain packet data structures associated with VLAN Tag Control Information, which allows local users to obtain potentially sensitive information via a crafted application.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.