VYPR
← All advisories
Unrated severityNVD Advisory· Published Jun 21, 2012· Updated Apr 29, 2026

CVE-2011-1080

CVE-2011-1080

Description

The do_replace function in net/bridge/netfilter/ebtables.c in the Linux kernel before 2.6.39 does not ensure that a certain name field ends with a '\0' character, which allows local users to obtain potentially sensitive information from kernel stack memory by leveraging the CAP_NET_ADMIN capability to replace a table, and then reading a modprobe command line.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

18
  • Linux/Kernel17 versions
    cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*+ 16 more
    • cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*range: <=2.6.38.8
    • cpe:2.3:o:linux:linux_kernel:2.6.38:*:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:2.6.38.1:*:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:2.6.38.2:*:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:2.6.38.3:*:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:2.6.38.4:*:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:2.6.38.5:*:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:2.6.38.6:*:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:2.6.38.7:*:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:2.6.38:rc1:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:2.6.38:rc2:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:2.6.38:rc3:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:2.6.38:rc4:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:2.6.38:rc5:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:2.6.38:rc6:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:2.6.38:rc7:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:2.6.38:rc8:*:*:*:*:*:*
  • Ubuntu/Linux Kernelllm-fuzzy
    Range: <2.6.39

Patches

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

7

News mentions

0

No linked articles in our index yet.