Oval Definition:	oval:org.mitre.oval:def:10309
Revision Date: 2013-04-29 Version: 11 Title: Race condition in the do_add_counters function in netfilter for Linux kernel 2.6.16 allows local users with CAP_NET_ADMIN capabilities to read kernel memory by triggering the race condition in a way that produces a size value that is inconsistent with allocated memory, which leads to a buffer over-read in IPT_ENTRY_ITERATE. Description: Race condition in the do_add_counters function in netfilter for Linux kernel 2.6.16 allows local users with CAP_NET_ADMIN capabilities to read kernel memory by triggering the race condition in a way that produces a size value that is inconsistent with allocated memory, which leads to a buffer over-read in IPT_ENTRY_ITERATE. Family: unix Class: vulnerability Status: ACCEPTED Reference(s): CVE-2006-0039 Platform(s): CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 4 Product(s): Definition Synopsis RHEL4, CentOS4 or Oracle Linux 4 The operating system installed on the system is Red Hat Enterprise Linux 4 OR CentOS Linux 4.x OR Oracle Linux 4.x AND Configuration section kernel-hugemem is earlier than 0:2.6.9-42.0.3.EL OR kernel-hugemem-devel is earlier than 0:2.6.9-42.0.3.EL OR kernel-smp-devel is earlier than 0:2.6.9-42.0.3.EL OR kernel-largesmp-devel is earlier than 0:2.6.9-42.0.3.EL OR kernel is earlier than 0:2.6.9-42.0.3.EL OR kernel-devel is earlier than 0:2.6.9-42.0.3.EL OR kernel-doc is earlier than 0:2.6.9-42.0.3.EL OR kernel-largesmp is earlier than 0:2.6.9-42.0.3.EL OR kernel-smp is earlier than 0:2.6.9-42.0.3.EL
BACK