Linux Kernel File Offset Pointer Handling Memory

2004-08-04T08:13:02
ID OSVDB:8302
Type osvdb
Reporter Paul Starzetz(ihaquer@isec.pl)
Modified 2004-08-04T08:13:02

Description

Vulnerability Description

The Linux Kernel contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when invalid conversion from 64 bit file offsets to 32 bit file offsets occur, which may disclose kernel memory information resulting in a loss of confidentiality.

Solution Description

Currently, there are no known upgrades, patches, or workarounds available from kernel.org to correct this issue. Some vendors such as RedHat have released patches which are made available to their customers. Please check with your respective vendor if applicable.

Short Description

The Linux Kernel contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when invalid conversion from 64 bit file offsets to 32 bit file offsets occur, which may disclose kernel memory information resulting in a loss of confidentiality.

References:

Vendor URL: http://www.kernel.org/ Vendor Specific Advisory URL Vendor Specific Advisory URL Vendor Specific Advisory URL Vendor Specific Advisory URL Vendor Specific Advisory URL Secunia Advisory ID:12331 Secunia Advisory ID:12391 Secunia Advisory ID:12211 Secunia Advisory ID:12210 Secunia Advisory ID:12215 RedHat RHSA: RHSA-2004:327 RedHat RHSA: RHSA-2004:413-07 Other Advisory URL: http://isec.pl/vulnerabilities/isec-0016-procleaks.txt Other Advisory URL: http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:087 Nessus Plugin ID:14252 Nessus Plugin ID:14231 Nessus Plugin ID:14387 ISS X-Force ID: 16877 CVE-2004-0415