Published: 01/03/2013 Updated: 13/02/2023

CVSS v2 Base Score: 1.9 | Impact Score: 2.9 | Exploitability Score: 3.4

VMScore: 170

Vector: AV:L/AC:M/Au:N/C:N/I:P/A:N

The dev_load function in net/core/dev.c in the Linux kernel prior to 2.6.38 allows local users to bypass an intended CAP_SYS_MODULE capability requirement and load arbitrary modules by leveraging the CAP_NET_ADMIN capability.

Vulnerable Product	Search on Vulmon	Subscribe to Product
linux linux kernel

Multiple kernel vulnerabilities have been fixed ...

Multiple kernel flaws have been fixed ...

Multiple kernel vulnerabilities have been fixed ...

Multiple kernel flaws have been fixed ...

Ubuntu Security Notice 1202-1 - Dan Rosenberg discovered that several network ioctls did not clear kernel memory correctly A local user could exploit this to read kernel stack memory, leading to a loss of privacy Brad Spengler discovered that stack memory for new a process was not correctly calculated A local attacker could exploit this to crash ...

NVD-CWE-noinfo https://github.com/torvalds/linux/commit/8909c9ad8ff03611c9c96c9a92656213e4bb495b http://www.openwall.com/lists/oss-security/2011/02/25/1 https://bugzilla.redhat.com/show_bug.cgi?id=680360 http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.38 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=8909c9ad8ff03611c9c96c9a92656213e4bb495b https://nvd.nist.gov https://usn.ubuntu.com/1141-1/

CVE-2011-1019

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

Exploits

References

Vulmon Search

About

Products

Connect