CVE-2009-0676
Published: 22 February 2009
The sock_getsockopt function in net/core/sock.c in the Linux kernel before 2.6.28.6 does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel memory via an SO_BSDCOMPAT getsockopt request.
From the Ubuntu Security Team
The getsockopt function did not correctly clear certain parameters. A local attacker could read leaked kernel memory, leading to a loss of privacy.
Notes
Author | Note |
---|---|
mdeslaur | PoC: http://patchwork.kernel.org/patch/6816/ |
Priority
Status
Package | Release | Status |
---|---|---|
linux Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
gutsy |
Does not exist
|
|
hardy |
Released
(2.6.24-23.52)
|
|
intrepid |
Released
(2.6.27-11.31)
|
|
upstream |
Released
(2.6.29~rc5)
|
|
Patches: upstream: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=df0bca049d01c0ee94afb7cd5dfd959541e6c8da |
||
linux-source-2.6.15 Launchpad, Ubuntu, Debian |
dapper |
Released
(2.6.15-54.76)
|
gutsy |
Does not exist
|
|
hardy |
Does not exist
|
|
intrepid |
Does not exist
|
|
upstream |
Released
(2.6.29~rc5)
|
|
linux-source-2.6.22 Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
gutsy |
Released
(2.6.22-16.62)
|
|
hardy |
Does not exist
|
|
intrepid |
Does not exist
|
|
upstream |
Released
(2.6.29~rc5)
|