Vulnerabilities

CVE-2012-3430

by Fred · 03/10/2012

The rds_recvmsg function in net/rds/recv.c in the Linux kernel before 3.0.44 does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a (1) recvfrom or (2) recvmsg system call on an RDS socket.

Date published : 2012-10-03

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=06b6a1cf6e776426766298d055bb3991957d90a7

http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.0.44

Similar

Tags: Cybersecurity Alert