Information Disclosure

2020-04-1001:00:30

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

JSON

kernel is vulnerable to information disclosure. An information leak in bcm_connect() in the Controller Area Network (CAN) Broadcast Manager implementation could allow a local, unprivileged user to leak kernel mode addresses in /proc/net/can-bcm.

CPENameOperatorVersion
kerneleq2.6.32__71.el6
kerneleq2.6.32__71.24.1.el6
kerneleq2.6.32__71.7.1.el6
kerneleq2.6.32__71.18.2.el6
kerneleq2.6.32__71.14.1.el6
kerneleq2.6.32__71.18.1.el6
kernel-rteq2.6.24.7__139.el5rt
kernel-rteq2.6.33.7__rt29.45.el5rt
kernel-rteq2.6.24.7__149.el5rt
kernel-rteq2.6.24.7__101.el5rt

Name	Operator	Version
kernel	eq	2.6.32__71.el6
kernel	eq	2.6.32__71.24.1.el6
kernel	eq	2.6.32__71.7.1.el6
kernel	eq	2.6.32__71.18.2.el6
kernel	eq	2.6.32__71.14.1.el6
kernel	eq	2.6.32__71.18.1.el6
kernel-rt	eq	2.6.24.7__139.el5rt
kernel-rt	eq	2.6.33.7__rt29.45.el5rt
kernel-rt	eq	2.6.24.7__149.el5rt
kernel-rt	eq	2.6.24.7__101.el5rt