USN-1057-1 -- linux-source-2.6.15 vulnerabilitiesID: oval:org.secpod.oval:def:700234 | Date: (C)2011-02-18 (M)2024-01-02 |
Class: PATCH | Family: unix |
Dave Chinner discovered that the XFS filesystem did not correctly order inode lookups when exported by NFS. A remote attacker could exploit this to read or write disk blocks that had changed file assignment or had become unlinked, leading to a loss of privacy. Dan Rosenberg discovered that several network ioctls did not clear kernel memory correctly. A local user could exploit this to read kernel stack memory, leading to a loss of privacy. Kees Cook and Vasiliy Kulikov discovered that the shm interface did not clear kernel memory correctly. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy
Product: |
linux-source-2.6.15 |