Описание
The udf_encode_fh function in fs/udf/namei.c in the Linux kernel before 3.6 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel heap memory via a crafted application.
Отчет
This issue does not affect the versions of the kernel package as shipped with Red Hat Enterprise Linux 5 and Red Hat Enterprise MRG 2. This issue affects the version of Linux kernel as shipped with Red Hat Enterprise Linux 6. Future kernel updates for Red Hat Enterprise Linux 6 may address this issue.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | kernel | Not affected | ||
| Red Hat Enterprise MRG 2 | realtime-kernel | Not affected | ||
| OpenStack 3 for RHEL 6 | kernel | Fixed | RHSA-2013:1080 | 16.07.2013 |
| Red Hat Enterprise Linux 6 | kernel | Fixed | RHSA-2013:1051 | 16.07.2013 |
Показывать по
Дополнительная информация
Статус:
1.9 Low
CVSS2
Связанные уязвимости
The udf_encode_fh function in fs/udf/namei.c in the Linux kernel before 3.6 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel heap memory via a crafted application.
The udf_encode_fh function in fs/udf/namei.c in the Linux kernel before 3.6 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel heap memory via a crafted application.
The udf_encode_fh function in fs/udf/namei.c in the Linux kernel befor ...
The udf_encode_fh function in fs/udf/namei.c in the Linux kernel before 3.6 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel heap memory via a crafted application.
ELSA-2013-2537: unbreakable enterprise kernel security update (MODERATE)
1.9 Low
CVSS2