Vulnerabilities

CVE-2010-3078

by Fred · 21/09/2010

The xfs_ioc_fsgetxattr function in fs/xfs/linux-2.6/xfs_ioctl.c in the Linux kernel before 2.6.36-rc4 does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via an ioctl call.

Date published : 2010-09-21

http://www.securityfocus.com/bid/43022

http://www.securityfocus.com/archive/1/520102/100/0/threaded

Similar

Tags: Cybersecurity Alert