Vulnerabilities

CVE-2009-3001

by Fred · 28/08/2009

The llc_ui_getname function in net/llc/af_llc.c in the Linux kernel 2.6.31-rc7 and earlier does not initialize a certain data structure, which allows local users to read the contents of some kernel memory locations by calling getsockname on an AF_LLC socket.

Date published : 2009-08-28

http://www.securityfocus.com/bid/36126

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=28e9fc592cb8c7a43e4d3147b38be6032a0e81bc

Similar

Tags: Cybersecurity Alert