Vulnerabilities

CVE-2013-2546

by Fred · 14/03/2013

The report API in the crypto user configuration API in the Linux kernel through 3.8.2 uses an incorrect C library function for copying strings, which allows local users to obtain sensitive information from kernel stack memory by leveraging the CAP_NET_ADMIN capability.

Date published : 2013-03-14

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=9a5467bf7b6e9e02ec9c3da4e23747c05faeaac6

https://github.com/torvalds/linux/commit/9a5467bf7b6e9e02ec9c3da4e23747c05faeaac6

Similar

Tags: Cybersecurity Alert