CVE-2010-4565

Priority
Description
The bcm_connect function in net/can/bcm.c (aka the Broadcast Manager) in
the Controller Area Network (CAN) implementation in the Linux kernel 2.6.36
and earlier creates a publicly accessible file with a filename containing a
kernel memory address, which allows local users to obtain potentially
sensitive information about kernel memory use by listing this filename.
Ubuntu-Description
Dan Rosenburg discovered that the CAN subsystem leaked kernel addresses
into the /proc filesystem. A local attacker could use this to increase the
chances of a successful memory corruption exploit.
Package
Upstream:released (2.6.37)
Package
Upstream:released (2.6.37)
Package
Upstream:released (2.6.37)
Package
Upstream:released (2.6.37)
Package
Upstream:released (2.6.37)
Package
Upstream:released (2.6.37)
Package
Upstream:released (2.6.37)
More Information

Updated: 2019-03-19 11:56:10 UTC (commit 15472795df7e9de45b82f2d36b8b419b939f97b2)