Upstream information
Description
The do_replace function in net/bridge/netfilter/ebtables.c in the Linux kernel before 2.6.39 does not ensure that a certain name field ends with a '\0' character, which allows local users to obtain potentially sensitive information from kernel stack memory by leveraging the CAP_NET_ADMIN capability to replace a table, and then reading a modprobe command line.NVD CVSS v2 Base Score: 2.1 (AV:L/AC:L/Au:N/C:P/I:N/A:N)
Novell/SUSE information
Novell Bugzilla entry: 676602 SUSE Security Advisories:- SUSE-SA:2011:031, published Mon, 25 Jul 2011 12:00:00 +0000
- SUSE-SU-2011:0832-1, published Mon, 25 Jul 2011 17:08:29 +0200 (CEST)
- openSUSE-SU-2012:0236-1, published Thu, 9 Feb 2012 19:10:55 +0100 (CET)
List of released packages
| Product(s) | Fixed package version(s) | References |
|---|---|---|
| SUSE Linux Enterprise Desktop 10 SP4 for x86 |
| sle10-sp4-sdk.x86 sles10-sp4.x86 sled10-sp4.x86 sles10-sp4-debuginfo.x86 ZYPP Patch Nr: 7918 |
| SUSE Linux Enterprise 10 SP4 DEBUGINFO for x86 |
| sle10-sp4-sdk.x86 sles10-sp4.x86 sled10-sp4.x86 sles10-sp4-debuginfo.x86 ZYPP Patch Nr: 7918 |
| SLE SDK 10 SP4 for x86 |
| sle10-sp4-sdk.x86 sles10-sp4.x86 sled10-sp4.x86 sles10-sp4-debuginfo.x86 ZYPP Patch Nr: 7918 |
| SUSE Linux Enterprise Server 10 SP4 for x86 |
| sle10-sp4-sdk.x86 sles10-sp4.x86 sled10-sp4.x86 sles10-sp4-debuginfo.x86 ZYPP Patch Nr: 7918 |
| openSUSE 11.4 DEBUGINFO |
| |
| openSUSE 11.4 |
| |
| SUSE Linux Enterprise 10 SP4 DEBUGINFO for IBM POWER |
| sles10-sp4-debuginfo.ppc sle10-sp4-sdk.ppc sles10-sp4.ppc ZYPP Patch Nr: 7913 |
| SLE SDK 10 SP4 for IBM iSeries and IBM pSeries |
| sles10-sp4-debuginfo.ppc sle10-sp4-sdk.ppc sles10-sp4.ppc ZYPP Patch Nr: 7913 |
| SUSE Linux Enterprise Server 10 SP4 for IBM POWER |
| sles10-sp4-debuginfo.ppc sle10-sp4-sdk.ppc sles10-sp4.ppc ZYPP Patch Nr: 7913 |
| SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T |
| sled10-sp4.x86-64 sle10-sp4-sdk.x86-64 sles10-sp4-debuginfo.x86-64 sles10-sp4.x86-64 ZYPP Patch Nr: 7915 |
| SUSE Linux Enterprise 10 SP4 DEBUGINFO for AMD64 and Intel EM64T |
| sled10-sp4.x86-64 sle10-sp4-sdk.x86-64 sles10-sp4-debuginfo.x86-64 sles10-sp4.x86-64 ZYPP Patch Nr: 7915 |
| SLE SDK 10 SP4 for X86-64 |
| sled10-sp4.x86-64 sle10-sp4-sdk.x86-64 sles10-sp4-debuginfo.x86-64 sles10-sp4.x86-64 ZYPP Patch Nr: 7915 |
| SUSE Linux Enterprise Server 10 SP4 for AMD64 and Intel EM64T |
| sled10-sp4.x86-64 sle10-sp4-sdk.x86-64 sles10-sp4-debuginfo.x86-64 sles10-sp4.x86-64 ZYPP Patch Nr: 7915 |
| SLE 11 SP1 DEBUGINFO |
| sles11-sp1.x86-64 sles11-sp1-vmware.x86-64 SAT Patch Nr: 4889 |
| SUSE Linux Enterprise High Availability Extension 11 SP1 |
| sles11-sp1.x86-64 sles11-sp1-vmware.x86-64 SAT Patch Nr: 4889 |
| SUSE Linux Enterprise Desktop 11 SP1 |
| sles11-sp1.x86-64 sles11-sp1-vmware.x86-64 SAT Patch Nr: 4889 |
| SUSE Linux Enterprise Server 11 SP1 for VMware |
| sles11-sp1.x86-64 sles11-sp1-vmware.x86-64 SAT Patch Nr: 4889 |
| SUSE Linux Enterprise Server 11 SP1 |
| sles11-sp1.x86-64 sles11-sp1-vmware.x86-64 SAT Patch Nr: 4889 |
| SUSE Linux Enterprise 10 SP4 DEBUGINFO for IBM zSeries 64bit |
| sles10-sp4-debuginfo.s390x sles10-sp4.s390x ZYPP Patch Nr: 7931 |
| SUSE Linux Enterprise Server 10 SP4 for IBM zSeries 64bit |
| sles10-sp4-debuginfo.s390x sles10-sp4.s390x ZYPP Patch Nr: 7931 |
| SLE 11 SERVER Unsupported Extras |
| Builds SAT Patch Nr: 4891 |
| SLE 11 SP1 DEBUGINFO |
| sles11-sp1-vmware.x86 sles11-sp1.x86 SAT Patch Nr: 4884 |
| SUSE Linux Enterprise High Availability Extension 11 SP1 |
| sles11-sp1-vmware.x86 sles11-sp1.x86 SAT Patch Nr: 4884 |
| SUSE Linux Enterprise Desktop 11 SP1 |
| sles11-sp1-vmware.x86 sles11-sp1.x86 SAT Patch Nr: 4884 |
| SUSE Linux Enterprise Server 11 SP1 for VMware |
| sles11-sp1-vmware.x86 sles11-sp1.x86 SAT Patch Nr: 4884 |
| SUSE Linux Enterprise Server 11 SP1 |
| sles11-sp1-vmware.x86 sles11-sp1.x86 SAT Patch Nr: 4884 |
| SLE 11 SERVER Unsupported Extras |
| Builds SAT Patch Nr: 4892 |
| SLE 11 SERVER Unsupported Extras |
| Builds SAT Patch Nr: 4890 |
| SLE 11 SERVER Unsupported Extras |
| Builds SAT Patch Nr: 4894 |
| SLE 11 SP1 DEBUGINFO |
| sles11-sp1.ppc SAT Patch Nr: 4887 |
| SUSE Linux Enterprise High Availability Extension 11 SP1 |
| sles11-sp1.ppc SAT Patch Nr: 4887 |
| SUSE Linux Enterprise Server 11 SP1 |
| sles11-sp1.ppc SAT Patch Nr: 4887 |
| SLE 11 SP1 DEBUGINFO |
| sles11-sp1.s390x SAT Patch Nr: 4888 |
| SUSE Linux Enterprise High Availability Extension 11 SP1 |
| sles11-sp1.s390x SAT Patch Nr: 4888 |
| SUSE Linux Enterprise Server 11 SP1 |
| sles11-sp1.s390x SAT Patch Nr: 4888 |
| SLE 11 SERVER Unsupported Extras |
| Builds SAT Patch Nr: 4893 |
| SUSE Linux Enterprise 10 SP4 DEBUGINFO for IPF |
| sles10-sp4.ia64 sles10-sp4-debuginfo.ia64 sle10-sp4-sdk.ia64 ZYPP Patch Nr: 7912 |
| SLE SDK 10 SP4 for IPF |
| sles10-sp4.ia64 sles10-sp4-debuginfo.ia64 sle10-sp4-sdk.ia64 ZYPP Patch Nr: 7912 |
| SUSE Linux Enterprise Server 10 SP4 for IPF |
| sles10-sp4.ia64 sles10-sp4-debuginfo.ia64 sle10-sp4-sdk.ia64 ZYPP Patch Nr: 7912 |
| SLE 11 SP1 DEBUGINFO |
| sles11-sp1.ia64 SAT Patch Nr: 4885 |
| SUSE Linux Enterprise High Availability Extension 11 SP1 |
| sles11-sp1.ia64 SAT Patch Nr: 4885 |
| SUSE Linux Enterprise Server 11 SP1 |
| sles11-sp1.ia64 SAT Patch Nr: 4885 |