Описание
The sco_sock_bind function in net/bluetooth/sco.c in the Linux kernel before 4.3.4 does not verify an address length, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism via a crafted application.
Ссылки
Уязвимые конфигурации
EPSS
4 Medium
CVSS3
2.1 Low
CVSS2
Дефекты
Связанные уязвимости
The sco_sock_bind function in net/bluetooth/sco.c in the Linux kernel before 4.3.4 does not verify an address length, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism via a crafted application.
The sco_sock_bind function in net/bluetooth/sco.c in the Linux kernel before 4.3.4 does not verify an address length, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism via a crafted application.
The sco_sock_bind function in net/bluetooth/sco.c in the Linux kernel ...
The sco_sock_bind function in net/bluetooth/sco.c in the Linux kernel before 4.3.4 does not verify an address length, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism via a crafted application.
ELSA-2018-4172: Unbreakable Enterprise kernel security update (IMPORTANT)
EPSS
4 Medium
CVSS3
2.1 Low
CVSS2