Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 127216

Summary: Linux Kernel Netfilter Do_Replace Local Buffer Overflow Vulnerability
Product: Gentoo Security Reporter: Sune Kloppenborg Jeppesen (RETIRED) <jaervosz>
Component: KernelAssignee: Gentoo Security <security>
Status: RESOLVED DUPLICATE    
Severity: normal    
Priority: High    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: http://www.securityfocus.com/bid/17178/
Whiteboard:
Package list:
Runtime testing required: ---

Description Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2006-03-22 12:00:33 UTC 
The Linux kernel is susceptible to a local buffer-overflow vulnerability. This issue is due to the kernel's failure to properly bounds-check user-supplied input before using it in a memory copy operation.

This issue allows local attackers to overwrite kernel memory with arbitrary data, potentially allowing them to execute malicious machine code in the context of affected kernels. This vulnerability facilitates the complete compromise of affected computers.

This issue is only exploitable by local users who have superuser privileges, or have the CAP_NET_ADMIN capability. This issue is therefore only a security concern on computers running virtualization software that allows users to have superuser access to guest operating systems, or when the CAP_NET_ADMIN capability is given to untrusted users.

Linux kernel versions prior to 2.6.16 in the 2.6 series are affected by this issue.
Comment 1 Tim Yamin (RETIRED) gentoo-dev 2006-03-27 13:28:39 UTC 

*** This bug has been marked as a duplicate of 127162 ***