CVE-2011-2909

Priority
Description
The do_devinfo_ioctl function in drivers/staging/comedi/comedi_fops.c in
the Linux kernel before 3.1 allows local users to obtain sensitive
information from kernel memory via a copy of a short string.
Ubuntu-Description
Vasiliy Kulikov discovered that the Comedi driver did not correctly clear
memory. A local attacker could exploit this to read kernel stack memory,
leading to a loss of privacy.
Notes
Package
Source: linux (LP Ubuntu Debian)
Upstream:released (3.1~rc1)
Patches:
Introduced by
ed9eccbe8970f6eedc1b978c157caf1251a896d4
Fixed by
819cbb120eaec7e014e5abd029260db1ca8c5735
Package
Upstream:released (3.1~rc1)
Package
Upstream:released (3.1~rc1)
Package
Upstream:released (3.1~rc1)
Package
Upstream:released (3.1~rc1)
Package
Upstream:released (3.1~rc1)
Package
Upstream:released (3.1~rc1)
Package
Upstream:released (3.1~rc1)
More Information

Updated: 2020-03-18 22:06:58 UTC (commit 2ea7df7bd1e69e1e489978d2724a936eb3faa1b8)