漏洞信息详情
linux kernel 填充字段未初始化 内存敏感信息泄露漏洞
- CNNVD编号:CNNVD-200910-262
- 危害等级: 低危
- CVE编号: CVE-2005-4881
- 漏洞类型: 信息泄露
- 发布时间: 2009-09-08
- 威胁类型: 本地
- 更新时间: 2009-10-20
- 厂 商: linux
- 漏洞来源:
漏洞简介
Linux kernel 2.4.37.6版本之前的2.4.x版本以及2.6.13-rc1版本之前的2.6.x版本中的netlink子系统没有初始化某些结构中的填充字段,这可能会允许本地用户可以借助未明向量,获得内核内存中的敏感信息。这些向量与(1)tc_fill_qdisc,(2)tcf_fill_node,(3)neightbl_fill_info,(4)neightbl_fill_param_info,(5) neigh_fill_info,(6)rtnetlink_fill_ifinfo,(7)rtnetlink_fill_iwinfo,(8)vif_delete,(9)ipmr_destroy_unres,(10)ipmr_cache_alloc_unres,(11)ipmr_cache_resolve,(12)inet6_fill_ifinfo,(13)tca_get_fill,(14)tca_action_flush,(15)tcf_add_notify,(16)tc_dump_action,(17)cbq_dump_police,(18)__nlmsg_put,(19) __rta_fill,(20)__rta_reserve,(21)inet6_fill_prefix,(22)rsvp_dump,以及(23)cbq_dump_ovl函数相关。
漏洞公告
目前厂商已经发布了升级补丁以修复此安全问题,补丁获取链接: SUSE Linux Enterprise Desktop 10 SP2 for AMD64 and Intel EM64T http://download.novell.com/index.jsp?...ords=d74d39d05b86ecd47749efef4c5cc4da SUSE Linux Enterprise 10 SP2 DEBUGINFO for IBM zSeries 64bit http://download.novell.com/index.jsp?...ords=45980610ac351edf8925bf87ded45696 SUSE Linux Enterprise 10 SP2 DEBUGINFO for IBM POWER http://download.novell.com/index.jsp?...ords=3394af4142e32b1fc8e96d64e36d50aa SUSE Linux Enterprise 10 SP2 DEBUGINFO for IPF http://download.novell.com/index.jsp?...ords=49abe3090200555e6b5936a6ebf5473f SUSE Linux Enterprise Server 10 SP2 http://download.novell.com/index.jsp?...ords=d74d39d05b86ecd47749efef4c5cc4da http://download.novell.com/index.jsp?...ords=45980610ac351edf8925bf87ded45696 http://download.novell.com/index.jsp?...ords=3394af4142e32b1fc8e96d64e36d50aa http://download.novell.com/index.jsp?...ords=49abe3090200555e6b5936a6ebf5473f http://download.novell.com/index.jsp?...ords=b3eb24d74bdd653ada797067c8107a34 SLE SDK 10 SP2 http://download.novell.com/index.jsp?...ords=d74d39d05b86ecd47749efef4c5cc4da http://download.novell.com/index.jsp?...ords=3394af4142e32b1fc8e96d64e36d50aa http://download.novell.com/index.jsp?...ords=49abe3090200555e6b5936a6ebf5473f http://download.novell.com/index.jsp?...ords=b3eb24d74bdd653ada797067c8107a34 SUSE Linux Enterprise 10 SP2 DEBUGINFO http://download.novell.com/index.jsp?...ords=d74d39d05b86ecd47749efef4c5cc4da http://download.novell.com/index.jsp?...ords=3394af4142e32b1fc8e96d64e36d50aa http://download.novell.com/index.jsp?...ords=49abe3090200555e6b5936a6ebf5473f http://download.novell.com/index.jsp?...ords=b3eb24d74bdd653ada797067c8107a34 SUSE Linux Enterprise Desktop 10 SP2 http://download.novell.com/index.jsp?...ords=d74d39d05b86ecd47749efef4c5cc4da http://download.novell.com/index.jsp?...ords=b3eb24d74bdd653ada797067c8107a34 SUSE Linux Enterprise Desktop 10 SP2 for x86 http://download.novell.com/index.jsp?...ords=b3eb24d74bdd653ada797067c8107a34
参考网址
来源: MLIST 名称: [oss-security] 20090917 Re: CVE request: kernel: tc: uninitialised kernel memory leak 链接:http://www.openwall.com/lists/oss-security/2009/09/17/9 来源: MLIST 名称: [oss-security] 20090916 Re: CVE request: kernel: tc: uninitialised kernel memory leak 链接:http://www.openwall.com/lists/oss-security/2009/09/17/1 来源: MLIST 名称: [oss-security] 20090907 Re: CVE request: kernel: tc: uninitialised kernel memory leak 链接:http://www.openwall.com/lists/oss-security/2009/09/07/2 来源: MLIST 名称: [oss-security] 20090906 Re: CVE request: kernel: tc: uninitialised kernel memory leak 链接:http://www.openwall.com/lists/oss-security/2009/09/06/2 来源: MLIST 名称: [oss-security] 20090905 Re: CVE request: kernel: tc: uninitialised kernel memory leak 链接:http://www.openwall.com/lists/oss-security/2009/09/05/2 来源: www.kernel.org 链接:http://www.kernel.org/pub/linux/kernel/v2.6/testing/v2.6.13/ChangeLog-2.6.13-rc1 来源: MLIST 名称: [bk-commits-head] 20050629 [NETLINK]: Missing initializations in dumped data 链接:http://marc.info/?l=git-commits-head&m=112002138324380 来源: git.kernel.org 链接:http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=b3563c4fbff906991a1b4ef4609f99cca2a0de6a 来源: git.kernel.org 链接:http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=9ef1d4c7c7aca1cd436612b6ca785b726ffb8ed8 来源: git.kernel.org 链接:http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=8a47077a0b5aa2649751c46e7a27884e6686ccbf 来源: git.kernel.org 链接:http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.4.37.y.git;a=commit;h=3408cce0c2f380884070896420ca566704452fb5 来源: git.kernel.org 链接:http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.4.37.y.git;a=commit;h=30e744716c4a6cc4e8ecaaddf68f20057c03dc8d 来源: git.kernel.org 链接:http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.4.37.y.git;a=commit;h=0f3f2328f63c521fe4b435f148687452f98b2349 来源: bugzilla.redhat.com 链接:https://bugzilla.redhat.com/show_bug.cgi?id=521601 来源: www.kernel.org 链接:http://www.kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.37.6
受影响实体
- Linux Linux_kernel:2.6.1
- Linux Linux_kernel:2.6.10
- Linux Linux_kernel:2.6.11
- Linux Linux_kernel:2.6.11.1
- Linux Linux_kernel:2.6.11.2
补丁
暂无
评论