Описание
Array index error in the aio_read_events_ring function in fs/aio.c in the Linux kernel through 3.15.1 allows local users to obtain sensitive information from kernel memory via a large head value.
Комментарий
Per: http://cwe.mitre.org/data/definitions/129.html
"CWE-129: Improper Validation of Array Index"
Ссылки
- Third Party Advisory
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Issue TrackingThird Party Advisory
- Vendor Advisory
- PatchThird Party Advisory
- Third Party Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Third Party Advisory
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Issue TrackingThird Party Advisory
- Vendor Advisory
Уязвимые конфигурации
EPSS
2.1 Low
CVSS2
Дефекты
Связанные уязвимости
Array index error in the aio_read_events_ring function in fs/aio.c in the Linux kernel through 3.15.1 allows local users to obtain sensitive information from kernel memory via a large head value.
Array index error in the aio_read_events_ring function in fs/aio.c in the Linux kernel through 3.15.1 allows local users to obtain sensitive information from kernel memory via a large head value.
Array index error in the aio_read_events_ring function in fs/aio.c in ...
Array index error in the aio_read_events_ring function in fs/aio.c in the Linux kernel through 3.15.1 allows local users to obtain sensitive information from kernel memory via a large head value.
ELSA-2014-0786: kernel security, bug fix, and enhancement update (IMPORTANT)
EPSS
2.1 Low
CVSS2