CVE Reference: CVE-2011-0711

NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE:
CVE-2011-0711

Description:
The xfs_fs_geometry function in fs/xfs/xfs_fsops.c in the Linux kernel before 2.6.38-rc6-git3 does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via an FSGEOMETRY_V1 ioctl call.

CVE Status:
Candidate

References:

REDHAT
  http://rhn.redhat.com/errata/RHSA-2011-0927.html

OSVDB
  70950

MLIST
  http://openwall.com/lists/oss-security/2011/02/16/10
  http://openwall.com/lists/oss-security/2011/02/16/4

CONFIRM
  http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.38-rc6-git3.log
  http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=3a3675b7f23f83ca8c67c9c2b6edf707fd28d1ba

BID
  46417


Return to the previous page.