APPLIED: [CVE-2011-1080] bridge: netfilter: fix information leak

Tim Gardner tim.gardner at
Tue Jul 26 20:30:12 UTC 2011

On 07/26/2011 12:51 PM, Andy Whitcroft wrote:
> CVE-2011-1080
> 	Struct tmp is copied from userspace.  It is not checked whether
> 	the "name" field is NULL terminated.  This may lead to buffer
> 	overflow and passing contents of kernel stack as a module name
> 	to try_then_request_module() and, consequently, to modprobe
> 	commandline.  It would be seen by all userspace processes.
> The fix for this CVE has hit lucid and later via mainline and stable.
> Following this email are two patches one for hardy and lucid/fsl-imx51,
> and one for maverick/ti-omap4.  The former is a minor backport due to a
> large change in line numbers, the latter a simple cherrypick.
> Proposing for hardy, lucid/fsl-imx51, and maverick/ti-omap4.
> -apw

Tim Gardner tim.gardner at

More information about the kernel-team mailing list