2 matches found
CVE-2013-3236
The vmcitransportdgramdequeue function in net/vmwvsock/vmcitransport.c in the Linux kernel before 3.9-rc7 does not properly initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call...
CVE-2013-3236
The CVE-2013-3236 issue affects the Linux kernel component vmci_transport_dgram_dequeue in net/vmw_vsock/vmci_transport.c; it fails to initialize a length variable, allowing local attackers to read kernel stack memory via crafted recvmsg/recvfrom. Affects kernels before 3.9-rc7. Multiple advisori...