CVE-2011-1019

Impact: Low
Public Date: 2011-02-24
Bugzilla: 680360: CVE-2011-1019 kernel: CAP_SYS_MODULE bypass via CAP_NET_ADMIN

The MITRE CVE dictionary describes this issue as:

The dev_load function in net/core/dev.c in the Linux kernel before 2.6.38 allows local users to bypass an intended CAP_SYS_MODULE capability requirement and load arbitrary modules by leveraging the CAP_NET_ADMIN capability.

Find out more about CVE-2011-1019 from the MITRE CVE dictionary and NIST NVD.

Statement

This issue did not affect the Linux kernel as shipped with Red Hat Enterprise Linux 4 and 5 as they did not backport the upstream commit a8f80e8f that introduced this flaw. This has been addressed in Red Hat Enterprise Linux 6 and Red Hat Enterprise MRG via https://rhn.redhat.com/errata/RHSA-2011-0498.html and https://rhn.redhat.com/errata/RHSA-2011-0500.html.

CVSS v2 metrics

Base Score: 1.5
Base Metrics: AV:L/AC:M/Au:S/C:N/I:P/A:N
Access Vector: Local
Access Complexity: Medium
Authentication: Single
Confidentiality Impact: None
Integrity Impact: Partial
Availability Impact: None

Find out more about Red Hat support for the Common Vulnerability Scoring System (CVSS).

Red Hat Security Errata

Platform                                  Errata          Release Date
MRG Grid for RHEL 5 Server (kernel-rt)    RHSA-2011:0500  2011-05-10
Red Hat Enterprise Linux 6 (kernel)       RHSA-2011:0498  2011-05-10

Acknowledgements

Red Hat would like to thank Vasiliy Kulikov of Openwall for reporting this issue.

CVE description copyright © 2017, The MITRE Corporation