mirror of
https://github.com/0xMarcio/cve.git
synced 2026-03-07 12:21:57 +00:00
913 B
913 B
CVE-2011-1080
Description
The do_replace function in net/bridge/netfilter/ebtables.c in the Linux kernel before 2.6.39 does not ensure that a certain name field ends with a '\0' character, which allows local users to obtain potentially sensitive information from kernel stack memory by leveraging the CAP_NET_ADMIN capability to replace a table, and then reading a modprobe command line.
POC
Reference
Github
No PoCs found on GitHub currently.