Lucene search

K
seebug
RootSSV:12166
HistorySep 02, 2009 - 12:00 a.m.

Linux Kernel llc_ui_getname函数本地信息泄露漏洞

2009-09-0200:00:00
Root
www.seebug.org
561

0.0005 Low

EPSS

Percentile

15.3%

BUGTRAQ ID: 36126
CVE(CAN) ID: CVE-2009-3001

Linux Kernel是开放源码操作系统Linux所使用的内核。

Linux Kernel的net/llc/af_llc.c文件中的llc_ui_getname函数没有正确地初始化某些数据结构,这允许本地用户通过对AF_LLC套接字调用getsockname读取部分内核内存的内容。

Linux kernel 2.6.31-rc7
厂商补丁:

Linux

目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=28e9fc592cb8c7a43e4d3147b38be6032a0e81bc


                                                http://sebug.net/exploit/12161/
                              
How to find holes in your network?

Try incredible fast Vulners Perimeter Scanner and find vulnerabilities and unnecessary ip and ports in network devices inside your network before anyone else.

Try Network Scanner

0.0005 Low

EPSS

Percentile

15.3%

Related for SSV:12166