CVE-2013-4343

CVE-2013-4343 is a use-after-free in drivers/net/tun.c of the Linux kernel up to and including 3.11.1. An unprivileged local user with CAP_NET_ADMIN can exploit an invalid tuntap interface name passed to TUNSETIFF to gain privileges. The vulnerability affects the tun/tap subsystem by abusing a us...

CVE-2012-6547

The tunchrioctl function in drivers/net/tun.c in the Linux kernel before 3.6 does not initialize a certain structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted application...

CVE-2012-6547

CVE-2012-6547 is the Linux kernel issue where __tun_chr_ioctl in drivers/net/tun.c may leave a structure uninitialized, enabling local users to read kernel stack memory. It is described as affecting Linux kernels prior to 3.6; MiracleLinux advisories list this CVE among others in kernel packages ...

Linux Kernel tun_chr_pool()函数空指针引用漏洞

BUGTRAQ ID: 35724 CVECAN ID: CVE-2009-1894 Linux Kernel是开放源码操作系统Linux所使用的内核。 Linux Kernel的drivers/net/tun.c文件中的tunchrpoll函数存在空指针引用错误： int fd; struct pollfd pfd; fd = open"/dev/net/tun", ORDWR; pfd.fd = fd; pfd.events = POLLIN | POLLOUT; poll&pfd, 1, 0;...