Описание
The rds_recvmsg function in net/rds/recv.c in the Linux kernel before 3.0.44 does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a (1) recvfrom or (2) recvmsg system call on an RDS socket.
Отчет
The Red Hat Security Response Team has rated this issue as having low security impact. A future kernel updates may address this issue. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 4 | kernel | Will not fix | ||
| Red Hat Enterprise Linux 5 | kernel | Fixed | RHSA-2012:1323 | 02.10.2012 |
| Red Hat Enterprise Linux 6 | kernel | Fixed | RHSA-2012:1304 | 25.09.2012 |
| Red Hat Enterprise MRG 2 | kernel-rt | Fixed | RHSA-2012:1491 | 04.12.2012 |
Показывать по
Дополнительная информация
Статус:
2.1 Low
CVSS2
Связанные уязвимости
The rds_recvmsg function in net/rds/recv.c in the Linux kernel before 3.0.44 does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a (1) recvfrom or (2) recvmsg system call on an RDS socket.
The rds_recvmsg function in net/rds/recv.c in the Linux kernel before 3.0.44 does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a (1) recvfrom or (2) recvmsg system call on an RDS socket.
The rds_recvmsg function in net/rds/recv.c in the Linux kernel before ...
The rds_recvmsg function in net/rds/recv.c in the Linux kernel before 3.0.44 does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a (1) recvfrom or (2) recvmsg system call on an RDS socket.
ELSA-2012-2037: Unbreakable Enterprise kernel Security update (IMPORTANT)
2.1 Low
CVSS2