CVE-2012-6540

2013-03-15T16:55:07
ID CVE-2012-6540
Type cve
Reporter NVD
Modified 2013-05-14T23:33:41

Description

The do_ip_vs_get_ctl function in net/netfilter/ipvs/ip_vs_ctl.c in the Linux kernel before 3.6 does not initialize a certain structure for IP_VS_SO_GET_TIMEOUT commands, which allows local users to obtain sensitive information from kernel stack memory via a crafted application.