Linux Kernel 'net/ipx/af_ipx.c' local message leakage Vulnerability

Release date:
Updated on:

Affected Systems:
Linux kernel <3.12.4
Description:
--------------------------------------------------------------------------------
Bugtraq id: 64741
CVE (CAN) ID: CVE-2013-7268

Linux Kernel is the Kernel of the Linux operating system.

In versions earlier than Linux kernel 3.12.4, although the ipx_recvmsg function in net/ipx/af_ipx.c updates some length values, it does not initialize the relevant data structure, which enables local users to use recvfrom, the recvmmsg and recvmsg systems call to obtain sensitive information about the kernel memory.

<* Source: Hannes Frederic Sowa
*>

Suggestion:
--------------------------------------------------------------------------------
Vendor patch:

Linux
-----
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:

Http://www.kernel.org/

Http://git.kernel.org /? P = linux/kernel/git/torvalds/linux-2.6.git; a = commit; h = f3d3342602f8bcbf37d7c46641cb9bca7618eb1c
CONFIRM: http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.4
Https://bugzilla.redhat.com/show_bug.cgi? Id = 1039845
Https://github.com/torvalds/linux/commit/f3d3342602f8bcbf37d7c46641cb9bca7618eb1c

Linux Kernel: click here
Linux Kernel: click here

The Linux kernel replaces iptables with nftables

Linux 3.12 code Suicidal Squirrel

How to install Linux 3.11 Kernel on Ubuntu

The Ubuntu 13.10 (Saucy Salamander) Kernel has been upgraded to Linux Kernel 3.10 RC5

Linux Kernel 3.4.62 LTS is now available for download

How to install Linux kernel 13.10 On Ubuntu 3.12