Secunia Security Advisory - Some vulnerabilities have been reported in the Linux Kernel, which can be exploited by malicious, local users to disclose potentially sensitive information.
0050151ae0a7d64fe7f4d5631e14847124892471af1843b6811b5cf31ec9d289
----------------------------------------------------------------------
Do you have VARM strategy implemented?
(Vulnerability Assessment Remediation Management)
If not, then implement it through the most reliable vulnerability
intelligence source on the market.
Implement it through Secunia.
For more information visit:
http://secunia.com/advisories/business_solutions/
Alternatively request a call from a Secunia representative today to
discuss how we can help you with our capabilities contact us at:
sales@secunia.com
----------------------------------------------------------------------
TITLE:
Linux Kernel ".getname" Information Disclosure
SECUNIA ADVISORY ID:
SA36438
VERIFY ADVISORY:
http://secunia.com/advisories/36438/
DESCRIPTION:
Some vulnerabilities have been reported in the Linux Kernel, which
can be exploited by malicious, local users to disclose potentially
sensitive information.
The vulnerabilities are caused due to the proto_ops ".getname"
functions for various protocols not properly clearing certain
structure members before returning them to userspace, which can be
exploited to disclose kernel memory.
SOLUTION:
Fixed in version 2.6.31-rc7.
PROVIDED AND/OR DISCOVERED BY:
Reported by the vendor.
ORIGINAL ADVISORY:
http://git.kernel.org/linus/09384dfc76e526c3993c09c42e016372dc9dd22c
http://git.kernel.org/linus/e84b90ae5eb3c112d1f208964df1d8156a538289
http://git.kernel.org/linus/3d392475c873c10c10d6d96b94d092a34ebd4791
http://git.kernel.org/linus/f6b97b29513950bfbf621a83d85b6f86b39ec8db
http://git.kernel.org/linus/80922bbb12a105f858a8f0abb879cb4302d0ecaa
http://git.kernel.org/linus/17ac2e9c58b69a1e25460a568eae1b0dc0188c25
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------