Your submission was sent successfully! Close

CVE-2011-1170

Published: 22 June 2011

net/ipv4/netfilter/arp_tables.c in the IPv4 implementation in the Linux kernel before 2.6.39 does not place the expected '\0' character at the end of string data in the values of certain structure members, which allows local users to obtain potentially sensitive information from kernel memory by leveraging the CAP_NET_ADMIN capability to issue a crafted request, and then reading the argument to the resulting modprobe process.

From the Ubuntu security team

Vasiliy Kulikov discovered that the netfilter code did not check certain strings copied from userspace. A local attacker with netfilter access could exploit this to read kernel memory or crash the system, leading to a denial of service.

Priority

Low

Status

Package Release Status
linux
Launchpad, Ubuntu, Debian
hardy
Released (2.6.24-29.92)
lucid
Released (2.6.32-32.62)
maverick
Released (2.6.35-30.52)
natty
Released (2.6.38-9.43)
upstream
Released (2.6.39~rc1)
linux-ec2
Launchpad, Ubuntu, Debian
hardy Does not exist

lucid
Released (2.6.32-316.30)
maverick Ignored
(binary supplied by "linux" now)
natty Does not exist

upstream
Released (2.6.39~rc1)
linux-fsl-imx51
Launchpad, Ubuntu, Debian
hardy Does not exist

lucid
Released (2.6.31-610.27)
maverick Does not exist

natty Does not exist

upstream
Released (2.6.39~rc1)
linux-lts-backport-maverick
Launchpad, Ubuntu, Debian
hardy Does not exist

lucid
Released (2.6.35-30.54~lucid1)
maverick Does not exist

natty Does not exist

upstream
Released (2.6.39~rc1)
linux-lts-backport-natty
Launchpad, Ubuntu, Debian
hardy Does not exist

lucid Not vulnerable
(2.6.38-9.43~lucid1)
maverick Does not exist

natty Does not exist

upstream
Released (2.6.39~rc1)
linux-mvl-dove
Launchpad, Ubuntu, Debian
hardy Does not exist

lucid
Released (2.6.32-217.34)
maverick
Released (2.6.32-417.34)
natty Does not exist

upstream
Released (2.6.39~rc1)
linux-ti-omap4
Launchpad, Ubuntu, Debian
hardy Does not exist

lucid Does not exist

maverick
Released (2.6.35-903.23)
natty
Released (2.6.38-1209.13)
upstream
Released (2.6.39~rc1)