Vulnerability title Linux Kernel viafb_ioctl_get_viafb_info function Information Leakage Vulnerability
Whether or not to publish for the first time
Release date: 2010.12.28
Vulnerability causes and other errors
Vulnerability-caused threats unauthorized information leakage
Affected Product Linux Kernel <2.6.36-rc5
Vulnerability description Linux Kernel is the Kernel of the open-source operating system Linux. The viafb_ioctl_get_viafb_info function in drivers/video/via/ioctl. c files earlier than Linux kernel 2.6.36-rc5 cannot correctly initialize a struct member. Local users can use the VIAFB_GET_INFO Input/Output Control call to obtain potential sensitive information from the kernel stack memory.
Vulnerability solution currently the vendor has released the upgrade patch to fix this security problem, patch get link: http://git.kernel.org /? P = linux/kernel/git/torvalds/linux-2.6.git; a = commit; h = b4aaa78f4c2f9cde2f335b14f4ca30b01f9651ca