Linux Kernel Netfilter Do_Add_Counters Local Race Condition Vulnerability

The Linux kernel is susceptible to a local race-condition vulnerability.

This issue allows local attackers to gain access to potentially sensitive kernel memory, aiding them in further attacks. Failed exploit attempts may crash the kernel, denying service to legitimate users.

This issue is exploitable only by local users who have superuser privileges or have the CAP_NET_ADMIN capability. This issue is therefore a security concern only if computers run virtualization software that allows users to have superuser access to guest operating systems or if the CAP_NET_ADMIN capability is given to untrusted users.

Linux kernel versions prior to 2.6.16.17 in the 2.6 series are affected by this issue.


 

Privacy Statement
Copyright 2010, SecurityFocus