CVE-2011-4080

high

Description

The sysrq_sysctl_handler function in kernel/sysctl.c in the Linux kernel before 2.6.39 does not require the CAP_SYS_ADMIN capability to modify the dmesg_restrict value, which allows local users to bypass intended access restrictions and read the kernel ring buffer by leveraging root privileges, as demonstrated by a root user in a Linux Containers (aka LXC) environment.

References

https://github.com/torvalds/linux/commit/bfdc0b497faa82a0ba2f9dddcf109231dd519fcc

http://www.openwall.com/lists/oss-security/2011/10/26/10

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=bfdc0b497faa82a0ba2f9dddcf109231dd519fcc

Details

Source: Mitre, NVD

Published: 2012-05-24

Updated: 2023-02-13

Risk Information

CVSS v2

Base Score: 4

Vector: CVSS2#AV:L/AC:H/Au:N/C:C/I:N/A:N

Severity: Medium

CVSS v3

Base Score: 7.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Severity: High