Vulnerabilities

CVE-2013-2635

by Fred · 22/03/2013

The rtnl_fill_ifinfo function in net/core/rtnetlink.c in the Linux kernel before 3.8.4 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel stack memory via a crafted application.

Date published : 2013-03-22

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=84d73cd3fb142bf1298a8c13fd4ca50fd2432372

http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.8.4

Similar

Tags: Cybersecurity Alert