CVE-2011-4080
EUVD-2011-403124.05.2012, 23:55
The sysrq_sysctl_handler function in kernel/sysctl.c in the Linux kernel before 2.6.39 does not require the CAP_SYS_ADMIN capability to modify the dmesg_restrict value, which allows local users to bypass intended access restrictions and read the kernel ring buffer by leveraging root privileges, as demonstrated by a root user in a Linux Containers (aka LXC) environment.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| linux | linux_kernel | 𝑥 < 2.6.39 |
𝑥
= Vulnerable software versions
Ubuntu Releases
Ubuntu Product | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| linux |
| ||||||||||||
| linux-armadaxp |
| ||||||||||||
| linux-ec2 |
| ||||||||||||
| linux-fsl-imx51 |
| ||||||||||||
| linux-lts-backport-maverick |
| ||||||||||||
| linux-lts-backport-natty |
| ||||||||||||
| linux-lts-backport-oneiric |
| ||||||||||||
| linux-mvl-dove |
| ||||||||||||
| linux-ti-omap4 |
|
Common Weakness Enumeration
References