Forum Thread: Linux Kernel "recvmsg()" and "recvfrom()" Information Disclosure ...

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:
Vulnerabilities

See the original Secunia advisory:
Linux Kernel "recvmsg()" and "recvfrom()" Information Disclosure Weaknesses

Secunia Linux Kernel "recvmsg()" and "recvfrom()" Information Disclosure Weaknesses
Secunia Official 24th Jan, 2014 02:45
Ranking: 0
Posts: 0
User Since: -
System Score: -
Location: Copenhagen, DK
Some weaknesses have been reported in Linux Kernel, which can be exploited by malicious, local users to disclose potentially sensitive information.

The weaknesses are caused due to some errors related to implementations of the "recvmsg()" and "recvfrom()" functions and can be exploited to disclose potentially sensitive uninitialized kernel stack memory.

Successful exploitation requires the kernel to be built with the networking support(CONFIG_NET).

The weaknesses are reported in versions prior to 3.2.54, 3.4.73, 3.10.23, and 3.12.4.

damon_yang RE: Linux Kernel "recvmsg()" and "recvfrom()" Information Disclosure Weaknesses
Member 24th Jan, 2014 02:45
Score: 0
Posts: 1
User Since: 24th Jan 2014
System Score: N/A
Location: CN
Last edited on 24th Jan, 2014 02:45
Is there same vulnerability in kernel 2.6.34?
Was this reply relevant?
+0
-0