Kernel: xfrm_user: info leak in copy_to_user_auth

The copytouserauth function in net/xfrm/xfrmuser.c in the Linux kernel before 3.6 uses an incorrect C library function for copying a string, which allows local users to obtain sensitive information from kernel heap memory by leveraging the CAPNETADMIN capability...

Linux Kernel 2.2.x 2.4.0-test1 (SGI ProPack 1.21.3) - Sendmail Capabilities Privilege Escalation(1)

Linux Kernel 2.2.x 2.4.0-test1 SGI ProPack 1.21.3 - Sendmail Capabilities Privilege Escalation1 / source: https://www.securityfocus.com/bid/1322/info POSIX "Capabilities" have recently been implemented in the Linux kernel. These "Capabilities" are an additional form of privilege control to enable...