Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
net/ipv4/netfilter/ip_tables.c in the IPv4 implementation in the Linux kernel before 2.6.39 does not place the expected '\0' character at the end of string data in the values of certain structure members, which allows local users to obtain potentially sensitive information from kernel memory by leveraging the CAP_NET_ADMIN capability to issue a crafted request, and then reading the argument to the resulting modprobe process.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Linux kernel IPv4实现net/ipv4/netfilter/ip_tables.c信息泄露漏洞
Vulnerability Description
Linux kernel是美国Linux基金会发布的开源操作系统Linux所使用的内核。NFSv4 implementation是其中的一个分布式文件系统协议。 Linux kernel 2.6.39之前版本的IPv4实现中的net/ipv4/netfilter/ip_tables.c不能在某些结构体成员值的字符串数据末端放置''字符。本地用户可利用CAP_NET_ADMIN功能发送特制的请求,从内核内存中获取潜在敏感信息,并且读取生成modprobe程序的参数。
CVSS Information
N/A
Vulnerability Type
N/A