CVE-2013-3236 in Linuxالمعلومات

الملخص

بحسب MITRE

The vmci_transport_dgram_dequeue function in net/vmw_vsock/vmci_transport.c in the Linux kernel before 3.9-rc7 does not properly initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call.

Be aware that VulDB is the high quality source for vulnerability data.

المصادر

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!