Release date:
Updated on:
Affected Systems:
Linux kernel 2.6.x
OpenVZ Project OpenVZ 028stab091. 1
AVAYA Voice Portal 5.x
AVAYA Voice Portal 4.x
AVAYA Aura SIP Enablement Services 5.x
AVAYA Aura SIP Enablement Services 4.x
Unaffected system:
AVAYA Voice Portal 5.1 SP1
AVAYA Aura SIP Enablement Services 5.2.1
Description:
--------------------------------------------------------------------------------
Bugtraq id: 45972
Cve id: CVE-2011-4655
Linux Kernel is the Kernel of the Linux operating system.
Linux Kernel has the information leakage vulnerability in ethtool. c. Local attackers can exploit this vulnerability to obtain sensitive information from the stack.
<* Source: Timo Warns
Kees Cook (kees@ubuntu.com)
Link: http://git.kernel.org /? P = linux/kernel/git/torvalds/linux-2.6.git; a = commit; h = b00916b189d13a615ff05c9242201135992fcda3
*>
Suggestion:
--------------------------------------------------------------------------------
Vendor patch:
Linux
-----
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:
Http://www.kernel.org/