Vigil@nce - Linux kernel: memory reading via recv
January 2014 by Vigil@nce
This bulletin was written by Vigil@nce: http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
A local attacker can call functions of the recv family on the
Linux kernel, in order to read fragments of the kernel memory.
Impacted products: Linux
Severity: 1/4
Creation date: 31/12/2013
DESCRIPTION OF THE VULNERABILITY
The recvmsg() and recvfrom() functions are used to receive data
from a network socket.
However, these functions do not correctly check the length of
msg_name (msg_namelen). Some bytes are thus not initialized
before being returned to the user.
A local attacker can therefore call functions of the recv family
on the Linux kernel, in order to read fragments of the kernel
memory.
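The bug class described above, as an added example that is not part of the original bulletin and is not Linux kernel code: a simplified user-space model in which the address copied back to the caller is longer than what the handler initialized, next to the corrected form. The function names, the 128-byte scratch buffer, the 4-byte address and the 0xAA filler are assumptions made for illustration.

```c
/* User-space model of the bug class (added example, not kernel code). */
#include <stdio.h>
#include <string.h>
#define SCRATCH_LEN 128  /* assumed size of the address scratch buffer */
#define STALE_BYTE 0xAA  /* constructed stand-in for leftover memory */

/* Hypothetical handler: writes a 4-byte address, returns bytes written. */
static size_t fill_name(unsigned char *name)
{
    static const unsigned char addr[4] = { 0x02, 0x00, 0x1f, 0x90 };
    memcpy(name, addr, sizeof(addr));
    return sizeof(addr);
}

/* Weak: copy-out length is the caller's buffer size, not bytes written. */
size_t recv_name_weak(unsigned char *user, size_t user_len)
{
    unsigned char scratch[SCRATCH_LEN];
    memset(scratch, STALE_BYTE, sizeof(scratch)); /* models stale memory */
    fill_name(scratch);
    if (user_len > sizeof(scratch)) user_len = sizeof(scratch);
    memcpy(user, scratch, user_len);
    return user_len;
}

/* Corrected: zeroed scratch, length bounded by what the handler wrote. */
size_t recv_name_fixed(unsigned char *user, size_t user_len)
{
    unsigned char scratch[SCRATCH_LEN] = { 0 };
    size_t written = fill_name(scratch);
    size_t n = written < user_len ? written : user_len;
    memcpy(user, scratch, n);
    return n;
}

/* Count stale bytes among the first len bytes handed to the caller. */
size_t count_stale(const unsigned char *buf, size_t len)
{
    size_t i, n = 0;
    for (i = 0; i < len; i++) n += (buf[i] == STALE_BYTE);
    return n;
}

int main(void)
{
    unsigned char a[32], b[32];
    printf("weak:  %zu stale bytes\n", count_stale(a, recv_name_weak(a, sizeof a)));
    printf("fixed: %zu stale bytes\n", count_stale(b, recv_name_fixed(b, sizeof b)));
}
```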
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/Linux-kernel-memory-reading-via-recv-14003