CVE-2013-3236 in Linuxinformazioni

Riassunto

di MITRE

The vmci_transport_dgram_dequeue function in net/vmw_vsock/vmci_transport.c in the Linux kernel before 3.9-rc7 does not properly initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call.

Be aware that VulDB is the high quality source for vulnerability data.

Prenotare

21/04/2013

Divulgazione

22/04/2013

Moderazione

accettato

CPE

pronto

EPSS

0.00341

KEV

no

Attività

molto basso

Fonti

Do you know our Splunk app?

Download it now for free!