5 matches found
Information Disclosure
Linux kernel is vulnerable to information disclosure attacks. A local user could exploit a flaw in the inetdiagmsgsctpaddrsfill, inetdiagmsgsctpladdrsfill, and sctpgetsctpinfo functions in 'net/sctp/sctpdiag.c' to obtain potentially sensitive information in portions of slab memory on the target...
CVE-2017-7558
A kernel data leak due to an out-of-bound read was found in the Linux kernel in inetdiagmsgsctp,laddrfill and sctpgetsctpinfo functions present since version 4.7-rc1 through version 4.13. A data leak happens when these functions fill in sockaddr data structures used to export socket's diagnostic...
CVE-2017-7558
CVE-2017-7558 describes a kernel data leak (out-of-bounds read) in the Linux kernel inet_diag_msg_sctp{,l}addr_fill() and sctp_get_sctp_info() that could leak up to 100 bytes of slab data to userspace. Affected: Linux kernel (4.7-rc1 through 4.13). Root cause: filling sockaddr data structures wit...
CVE-2017-7558
A kernel data leak due to an out-of-bound read was found in the Linux kernel in inetdiagmsgsctp,laddrfill and sctpgetsctpinfo functions present since version 4.7-rc1 through version 4.13. A data leak happens when these functions fill in sockaddr data structures used to export socket's diagnostic...
Amazon Linux AMI : kernel (ALAS-2017-901)
A buffer overflow was discovered in tpacketrcv function in the Linux kernel since v4.6-rc1 through v4.13. A number of socket-related syscalls can be made to set up a configuration when each packet received by a network interface can cause writing up to 10 bytes to a kernel memory outside of a...