Pages: [1] 
|
 |
|
 Author
|
Topic: Linux Kernel "raw_sendmsg()" and "sendmsg()" Local Vulnerabilities (Read 2219 times)
|
|
TJ
|
* Technical Description * Two vulnerabilities were identified in Linux Kernel, which could be exploited by local attackers to obtain elevated privileges, cause a denial of service, or disclose sensitive information. The first issue is due to an error in "raw_sendmsg()", which could be exploited by local attackers to disclose the contents of kernel memory or cause a denial of service by manipulating hardware state. The second flaw is due to a buffer overflow error in "sendmsg()" when copying 32bit "msg_control" contents to kernel, which could be exploited by local attackers to execute arbitrary commands with "root" privileges. * Affected Products * Linux Kernel versions prior to 2.6.13.1 * Solution * Upgrade to Linux Kernel version 2.6.13.1 : http://www.kernel.org/ * References * http://www.frsirt.com/english/advisories/2005/1701http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.13.1 |
|
|
|
|
Logged
|
|
|
|
|
Pages: [1] 
|
|
|
 |
AlphaOne Technology Support Forums
