Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The do_replace function in net/bridge/netfilter/ebtables.c in the Linux kernel before 2.6.39 does not ensure that a certain name field ends with a '\0' character, which allows local users to obtain potentially sensitive information from kernel stack memory by leveraging the CAP_NET_ADMIN capability to replace a table, and then reading a modprobe command line.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Linux kernel‘do_replace’函数信息泄露漏洞
Vulnerability Description
Linux kernel是美国Linux基金会发布的开源操作系统Linux所使用的内核。NFSv4 implementation是其中的一个分布式文件系统协议。 Linux kernel 2.6.39之前版本中的net/bridge/netfilter/ebtables.c中的do_replace函数中存在漏洞,该漏洞源于未能确定某些名字字段以‘’字符结束。本地攻击者可通过利用CAP_NET_ADMIN容量替换表,然后读取modprobe命令行从内核栈内存中获得敏感信息。
CVSS Information
N/A
Vulnerability Type
N/A