Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
seebugRootSSV:2555
HistoryDec 09, 2007 - 12:00 a.m.

Linux Kernel DO_COREDUMP函数本地信息泄露漏洞

2007-12-0900:00:00
Root
www.seebug.org
15

0.0004 Low

EPSS

Percentile

8.6%

JSON

BUGTRAQ ID: 26701
CVE(CAN) ID: CVE-2007-6206

Linux Kernel是开放源码操作系统Linux所使用的内核。

Linux Kernel实现core dump时存在漏洞,本地攻击者可能利用此漏洞获取敏感信息。

Linux Kernel的fs/exec.c文件中的do_coredump()函数在将core转储到已有文件时没有正确地验证core dump文件的用户ID,如果本地攻击者能够诱骗其他用户ID的应用程序将core转储到已有文件的话,就可能访问敏感信息。

Linux kernel < 2.6.24-rc4
前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:

<a href=“http://kernel.org/diff/diffview.cgi?file=%2Fpub%2Flinux%2Fkernel%2Fv2.6%2Ftesting%2Fpatch-2.6.24-rc4.bz2” target=“_blank”>http://kernel.org/diff/diffview.cgi?file=%2Fpub%2Flinux%2Fkernel%2Fv2.6%2Ftesting%2Fpatch-2.6.24-rc4.bz2</a>

Related

ubuntucve 1
veracode 1
seebug 1
prion 1
cve 1
nessus 26
suse 4
openvas 44
securityvulns 2
osv 4
oraclelinux 4
debian 4
redhat 5
centos 4
vmware 2
ubuntu 2
ubuntucve
ubuntucve
CVE-2007-6206
2007-12-04 00:00:00
veracode
veracode
Information Disclosure
2020-04-10 00:24:24
seebug
seebug
Linux Kernel DO_COREDUMP本地信息泄露漏洞
2007-12-10 00:00:00
prion
prion
Information disclosure
2007-12-04 00:46:00
cve
cve
CVE-2007-6206
2007-12-04 00:46:00
nessus
nessus
openSUSE 10 Security Update : kernel (kernel-4986)
2008-02-14 00:00:00
RHEL 5 : kernel (RHSA-2008:0089)
2008-01-27 00:00:00
CentOS 5 : kernel (CESA-2008:0089)
2010-01-06 00:00:00
suse
suse
local privilege escalation in kernel
2008-02-12 13:43:48
remote denial of service in kernel
2008-07-07 14:54:24
remote denial of service in kernel
2010-09-01 13:59:34
openvas
openvas
SuSE Update for kernel SUSE-SA:2008:007
2009-01-23 00:00:00
RedHat Update for kernel RHSA-2008:0089-01
2009-03-06 00:00:00
Debian: Security Advisory (DSA-1436-1)
2008-01-17 00:00:00
securityvulns
securityvulns
Linux multiple security vulnerabilities
2007-12-21 00:00:00
[SECURITY] [DSA 1436-1] New Linux 2.6.18 packages fix several vulnerabilities
2007-12-21 00:00:00
osv
osv
linux-2.6 fai-kernels user-mode-linux - several vulnerabilities
2007-12-20 00:00:00
kernelimage-2.4.27 - several issues
2008-02-22 00:00:00
kernel-source-2.4.27 - several vulnerabilities
2008-02-22 00:00:00
oraclelinux
oraclelinux
Important: kernel security and bug fix update
2008-01-24 00:00:00
Important: kernel security and bug fix update
2008-02-01 00:00:00
kernel security and bug fix update
2008-05-07 00:00:00
debian
debian
[SECURITY] [DSA 1436-1] New Linux 2.6.18 packages fix several vulnerabilities
2007-12-20 22:28:26
[SECURITY] [DSA 1504-1] New Linux kernel 2.6.8 packages fix several issues
2008-02-22 21:27:33
[SECURITY] [DSA 1503-2] New Linux kernel 2.4.27 packages fix several issues
2008-03-06 07:47:54
redhat
redhat
(RHSA-2008:0089) Important: kernel security and bug fix update
2008-01-23 00:00:00
(RHSA-2008:0055) Important: kernel security and bug fix update
2008-01-31 00:00:00
(RHSA-2008:0211) Important: kernel security and bug fix update
2008-05-07 00:00:00
centos
centos
kernel security update
2008-01-24 00:20:48
kernel security update
2008-02-04 17:59:19
kernel security update
2008-05-07 14:58:01
vmware
vmware
Updated ESX service console packages for Samba and vmnix
2008-07-28 00:00:00
Updated ESX service console packages for Samba and vmnix
2008-07-28 00:00:00
ubuntu
ubuntu
Linux kernel vulnerabilities
2008-02-14 00:00:00
Linux kernel vulnerabilities
2008-02-04 00:00:00

0.0004 Low

EPSS

Percentile

8.6%

JSON
Related for SSV:2555
ubuntucve1veracode1seebug1prion1cve1nessus26suse4openvas44securityvulns2osv4oraclelinux4debian4redhat5centos4vmware2ubuntu2