Описание
The llc_ui_getname function in net/llc/af_llc.c in the Linux kernel 2.6.31-rc7 and earlier does not initialize a certain data structure, which allows local users to read the contents of some kernel memory locations by calling getsockname on an AF_LLC socket.
Ссылки
- Broken Link
- Third Party Advisory
- Third Party AdvisoryVDB Entry
- Mailing ListThird Party Advisory
- ExploitThird Party AdvisoryVDB Entry
- Third Party Advisory
- ExploitIssue TrackingThird Party Advisory
- Third Party AdvisoryVDB Entry
- Broken Link
- Third Party Advisory
- Third Party AdvisoryVDB Entry
- Mailing ListThird Party Advisory
- ExploitThird Party AdvisoryVDB Entry
- Third Party Advisory
- ExploitIssue TrackingThird Party Advisory
- Third Party AdvisoryVDB Entry
Уязвимые конфигурации
Одно из
Одно из
EPSS
4.9 Medium
CVSS2
Дефекты
Связанные уязвимости
The llc_ui_getname function in net/llc/af_llc.c in the Linux kernel 2.6.31-rc7 and earlier does not initialize a certain data structure, which allows local users to read the contents of some kernel memory locations by calling getsockname on an AF_LLC socket.
The llc_ui_getname function in net/llc/af_llc.c in the Linux kernel 2.6.31-rc7 and earlier does not initialize a certain data structure, which allows local users to read the contents of some kernel memory locations by calling getsockname on an AF_LLC socket.
The llc_ui_getname function in net/llc/af_llc.c in the Linux kernel 2. ...
The llc_ui_getname function in net/llc/af_llc.c in the Linux kernel 2.6.31-rc7 and earlier does not initialize a certain data structure, which allows local users to read the contents of some kernel memory locations by calling getsockname on an AF_LLC socket.
EPSS
4.9 Medium
CVSS2