APPLIED: [CVE-2011-1080] bridge: netfilter: fix information leak

Tim Gardner tim.gardner at canonical.com
Tue Jul 26 20:30:12 UTC 2011


On 07/26/2011 12:51 PM, Andy Whitcroft wrote:
> CVE-2011-1080
> 	Struct tmp is copied from userspace.  It is not checked whether
> 	the "name" field is NULL terminated.  This may lead to buffer
> 	overflow and passing contents of kernel stack as a module name
> 	to try_then_request_module() and, consequently, to modprobe
> 	commandline.  It would be seen by all userspace processes.
>
> The fix for this CVE has hit lucid and later via mainline and stable.
> Following this email are two patches, one for hardy and lucid/fsl-imx51,
> and one for maverick/ti-omap4.  The former is a minor backport due to a
> large change in line numbers, the latter a simple cherrypick.
>
> Proposing for hardy, lucid/fsl-imx51, and maverick/ti-omap4.
>
> -apw
>


-- 
Tim Gardner tim.gardner at canonical.com
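
The bug class described in the CVE text quoted above, shown as an added user-space illustration; it is not part of this message or of the patches it refers to. The struct, the field size `NAMELEN` and all function names are hypothetical, and `copy_request()` only stands in for a copy from userspace.

```c
#include <stdio.h>
#include <string.h>

#define NAMELEN 32   /* assumed field size, for illustration only */

/* Hypothetical request struct standing in for one copied from userspace. */
struct req {
    char name[NAMELEN];
    unsigned int flags;
};

/* Stand-in for copy_from_user(): takes untrusted bytes verbatim. */
void copy_request(struct req *dst, const void *src, size_t len)
{
    memset(dst, 0, sizeof(*dst));
    memcpy(dst, src, len < sizeof(*dst) ? len : sizeof(*dst));
}

/* 1 if a NUL lies inside the name field, 0 if a string read would run past it. */
int name_is_terminated(const struct req *r)
{
    return memchr(r->name, '\0', sizeof(r->name)) != NULL;
}

/* Mitigation A: force termination before any string use (may truncate). */
void force_terminate(struct req *r)
{
    r->name[sizeof(r->name) - 1] = '\0';
}

/* Mitigation B: reject the request instead of truncating. 0 = ok, -1 = reject. */
int validate_request(const struct req *r)
{
    return name_is_terminated(r) ? 0 : -1;
}

int main(void)
{
    unsigned char raw[sizeof(struct req)];   /* constructed sample input */
    struct req r;

    memset(raw, 'A', sizeof(raw));           /* name field has no NUL at all */
    copy_request(&r, raw, sizeof(raw));
    printf("terminated after copy: %d\n", name_is_terminated(&r));
    printf("validate: %d\n", validate_request(&r));
    force_terminate(&r);
    printf("terminated after fix: %d, len %zu\n", name_is_terminated(&r), strlen(r.name));
    return 0;
}
```

Either mitigation has to run before the field is handed to anything that treats it as a C string, such as a module-name lookup.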



