[CVE-2010-4158]
Stefan Bader
stefan.bader at canonical.com
Fri Feb 18 16:41:44 UTC 2011
https://bugs.launchpad.net/ubuntu/dapper/+source/linux/+bug/721282
The sk_run_filter function in net/core/filter.c in the Linux kernel before
2.6.36.2 does not check whether a certain memory location has been
initialized before executing a (1) BPF_S_LD_MEM or (2) BPF_S_LDX_MEM
instruction, which allows local users to obtain potentially sensitive
information from kernel stack memory via a crafted socket filter.
Changes are already released in Natty and Maverick. For Lucid, Karmic,
Hardy the backport just works around different environmental lines of
code. Same for Dapper, just different lines.
-Stefan
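
Added illustration, not part of the original message and not the patch being backported: a stand-alone C checker that walks a classic BPF program and reports the first scratch-memory load (the LD_MEM / LDX_MEM case from the description above) that can execute before any store to the same slot. It assumes the userspace classic BPF opcode encoding rather than the kernel-internal BPF_S_* values; `struct insn`, `first_uninit_load` and the sample filters are hypothetical names and constructed inputs.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#define MEMWORDS  16    /* classic BPF scratch slots M[0..15] */
#define MAX_INSNS 4096  /* classic BPF program length limit */
/* Classic BPF encoding: instruction classes, the M[k] addressing mode, JA op. */
enum { LD = 0x00, LDX = 0x01, ST = 0x02, STX = 0x03, JMP = 0x05, RET = 0x06,
       MEM = 0x60, JA = 0x00 };
struct insn { uint16_t code; uint8_t jt, jf; uint32_t k; };

/* -1: every M[k] load follows a store on all paths; -2: malformed (bad length,
 * slot or jump target); otherwise the index of the first unsafe load. */
int first_uninit_load(const struct insn *f, size_t len)
{
    uint16_t reach[MAX_INSNS]; /* slots written on every path into each pc */
    uint16_t valid = 0;        /* nothing has been written at entry */
    if (len == 0 || len > MAX_INSNS) return -2;
    memset(reach, 0xff, len * sizeof(reach[0]));
    for (size_t pc = 0; pc < len; pc++) {
        unsigned cls = f[pc].code & 0x07, mode = f[pc].code & 0xe0;
        size_t room = len - pc - 1; /* instructions after this one */
        valid &= reach[pc];         /* intersect with paths that jumped here */
        if (cls == ST || cls == STX || ((cls == LD || cls == LDX) && mode == MEM)) {
            if (f[pc].k >= MEMWORDS) return -2;
            if (cls == ST || cls == STX) valid |= (uint16_t)(1u << f[pc].k);
            else if (!(valid & (1u << f[pc].k))) return (int)pc;
        } else if (cls == JMP) {    /* jumps are forward-only: one pass suffices */
            int ja = (f[pc].code & 0xf0) == JA;
            size_t t = ja ? f[pc].k : f[pc].jt, e = ja ? f[pc].k : f[pc].jf;
            if (t >= room || e >= room) return -2;
            reach[pc + 1 + t] &= valid;
            reach[pc + 1 + e] &= valid;
        }
        if (cls == JMP || cls == RET) valid = 0xffff; /* successors use reach[] only */
    }
    return -1;
}

/* Constructed sample filters (not taken from the advisory or the bug report). */
static const struct insn leaky[]  = { {0x60,0,0,3}, {0x16,0,0,0} }; /* ld M[3]; ret a */
static const struct insn branch[] = { {0x80,0,0,0}, {0x15,0,1,64}, {0x02,0,0,0},
                                      {0x60,0,0,0}, {0x16,0,0,0} }; /* jf skips the st */
static const struct insn safe[]   = { {0x80,0,0,0}, {0x02,0,0,0}, {0x60,0,0,0}, {0x16,0,0,0} };

int main(void)
{
    printf("leaky=%d branch=%d safe=%d\n", first_uninit_load(leaky, 2),
           first_uninit_load(branch, 5), first_uninit_load(safe, 4));
    return 0;
}
```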