Stack-based buffer overflows in Linux kernel's ip_vs_ctl.c allow local privilege escalation

Stack-based buffer overflows in Linux kernel's ip_vs_ctl.c allow local privilege escalation

CVE-2013-4588 · HIGH Severity

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Multiple stack-based buffer overflows in net/netfilter/ipvs/ip_vs_ctl.c in the Linux kernel before 2.6.33, when CONFIG_IP_VS is used, allow local users to gain privileges by leveraging the CAP_NET_ADMIN capability for (1) a getsockopt system call, related to the do_ip_vs_get_ctl function, or (2) a setsockopt system call, related to the do_ip_vs_set_ctl function.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.