3 matches found
Linux Kernel .getname函数多个信息泄露漏洞
BUGTRAQ ID: 36176 CVECAN ID: CVE-2009-3002 Linux Kernel是开放源码操作系统Linux所使用的内核。 Linux Kernel的getname函数没有正确地初始化某些数据结构,本地用户可以通过对AFAPPLETALK、AFIRDA、AFECONET、 AFNETROM、AFROSE、原始CAN等套接字执行getsockname调用读取部分内核内存的内容。 Linux kernel 2.6.x 厂商补丁: Linux ----- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:...
CVE-2009-3002
The Linux kernel before 2.6.31-rc7 does not initialize certain data structures within getname functions, which allows local users to read the contents of some kernel memory locations by calling getsockname on 1 an AFAPPLETALK socket, related to the atalkgetname function in net/appletalk/ddp.c; 2 ...
Memory corruption
The Linux kernel before 2.6.31-rc7 does not initialize certain data structures within getname functions, which allows local users to read the contents of some kernel memory locations by calling getsockname on 1 an AFAPPLETALK socket, related to the atalkgetname function in net/appletalk/ddp.c; 2 ...