Описание
The eql_g_master_cfg function in drivers/net/eql.c in the Linux kernel before 2.6.36-rc5 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via an EQL_GETMASTRCFG ioctl call.
Отчет
This issue did not affect the versions of Linux kernel as shipped with Red Hat Enterprise Linux 3, 4, and 5 as they did not include support for equalizer load-balancer for serial network interfaces. This was addressed in Red Hat Enterprise Linux Enterprise MRG via https://rhn.redhat.com/errata/RHSA-2010-0771.html.
Дополнительная информация
Статус:
EPSS
1.9 Low
CVSS2
Связанные уязвимости
The eql_g_master_cfg function in drivers/net/eql.c in the Linux kernel before 2.6.36-rc5 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via an EQL_GETMASTRCFG ioctl call.
The eql_g_master_cfg function in drivers/net/eql.c in the Linux kernel before 2.6.36-rc5 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via an EQL_GETMASTRCFG ioctl call.
The eql_g_master_cfg function in drivers/net/eql.c in the Linux kernel ...
The eql_g_master_cfg function in drivers/net/eql.c in the Linux kernel before 2.6.36-rc5 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via an EQL_GETMASTRCFG ioctl call.
Уязвимости операционной системы SUSE Linux Enterprise, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
EPSS
1.9 Low
CVSS2