Описание
net/packet/af_packet.c in the Linux kernel before 2.6.37-rc2 does not properly initialize certain structure members, which allows local users to obtain potentially sensitive information from kernel stack memory by leveraging the CAP_NET_RAW capability to read copies of the applicable structures.
Отчет
This issue is not planned to be fixed in Red Hat Enterprise Linux 3, due to this product being in Extended Life Cycle Phase of its maintenance life-cycle, where only qualified security errata of critical impact are addressed. For further information about the Errata Support Policy, visit: http://www.redhat.com/security/updates/errata
Дополнительная информация
Статус:
EPSS
1.9 Low
CVSS2
Связанные уязвимости
net/packet/af_packet.c in the Linux kernel before 2.6.37-rc2 does not properly initialize certain structure members, which allows local users to obtain potentially sensitive information from kernel stack memory by leveraging the CAP_NET_RAW capability to read copies of the applicable structures.
net/packet/af_packet.c in the Linux kernel before 2.6.37-rc2 does not properly initialize certain structure members, which allows local users to obtain potentially sensitive information from kernel stack memory by leveraging the CAP_NET_RAW capability to read copies of the applicable structures.
net/packet/af_packet.c in the Linux kernel before 2.6.37-rc2 does not ...
net/packet/af_packet.c in the Linux kernel before 2.6.37-rc2 does not properly initialize certain structure members, which allows local users to obtain potentially sensitive information from kernel stack memory by leveraging the CAP_NET_RAW capability to read copies of the applicable structures.
Уязвимости операционной системы CentOS, позволяющие удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
EPSS
1.9 Low
CVSS2