Описание
fs/proc/base.c in the Linux kernel before 2.6.39.4 does not properly restrict access to /proc/#####/io files, which allows local users to obtain sensitive I/O statistics by polling a file, as demonstrated by discovering the length of another user's password.
Ссылки
- ExploitPatch
- ExploitPatch
Уязвимые конфигурации
Одно из
EPSS
2.1 Low
CVSS2
Дефекты
Связанные уязвимости
fs/proc/base.c in the Linux kernel before 2.6.39.4 does not properly restrict access to /proc/#####/io files, which allows local users to obtain sensitive I/O statistics by polling a file, as demonstrated by discovering the length of another user's password.
fs/proc/base.c in the Linux kernel before 2.6.39.4 does not properly restrict access to /proc/#####/io files, which allows local users to obtain sensitive I/O statistics by polling a file, as demonstrated by discovering the length of another user's password.
fs/proc/base.c in the Linux kernel before 2.6.39.4 does not properly r ...
fs/proc/base.c in the Linux kernel before 2.6.39.4 does not properly restrict access to /proc/#####/io files, which allows local users to obtain sensitive I/O statistics by polling a file, as demonstrated by discovering the length of another user's password.
ELSA-2011-1212: kernel security and bug fix update (IMPORTANT)
EPSS
2.1 Low
CVSS2