CVE-2015-5697

Опубликовано: 25 июл. 2015

Источник: redhat

CVSS2: 1.9

Описание

The get_bitmap_file function in drivers/md/md.c in the Linux kernel before 4.1.6 does not initialize a certain bitmap data structure, which allows local users to obtain sensitive information from kernel memory via a GET_BITMAP_FILE ioctl call.

A cross-boundary flaw was discovered in the Linux kernel software raid driver. The driver accessed a disabled bitmap where only the first byte of the buffer was initialized to zero. This meant that the rest of the request (up to 4095 bytes) was left and copied into user space. An attacker could use this flaw to read private information from user space that would not otherwise have been accessible.

Отчет

This issue affects the Linux kernels as shipped with Red Hat Enterprise Linux 5, 6, 7, MRG-2 and realtime and may be addressed in a future update.

Затронутые пакеты

Платформа	Пакет	Состояние
Red Hat Enterprise Linux 4	kernel	Not affected
Red Hat Enterprise Linux 5	kernel	Affected
Red Hat Enterprise Linux 6	kernel	Affected
Red Hat Enterprise Linux 7	kernel	Affected
Red Hat Enterprise Linux 7	kernel-rt	Affected
Red Hat Enterprise MRG 2	realtime-kernel	Affected