Released on: 2010-08-31
Updated on: 2010-09-01
Affected Systems:
Linux kernel 2.6.x
Description:
--------------------------------------------------------------------------------
Bugtraq id: 42885
CVE (CAN) ID: CVE-2010-2955
Linux Kernel is the Kernel used by open source Linux.
The Linux Kernel Wireless Driver copies excessive Kernel heap memory to the user space, which allows local users to leak sensitive memory information by submitting a specially crafted siocgiwessid ioctl request.
<* Source: jubidu
Link: http://secunia.com/advisories/41245/
Http://forums.grsecurity.net/viewtopic.php? F = 3 & t = 2290 & start = 0 & sid = 18449fc1b343dae3e399899c54c2ba86 & view = print
*>
Suggestion:
--------------------------------------------------------------------------------
Vendor patch:
Linux
-----
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:
Http://lkml.org/lkml/2010/8/30/127