New Search

The netlink subsystem in the Linux kernel 2.4.x before 2.4.37.6 and 2.6.x before 2.6.13-rc1 does not initialize certain padding fields in structures which might allow local users to obtain sensitive information from kernel memory via unspecified vectors related to the (1) tc_fill_qdisc (2) tcf_fill_node (3) neightbl_fill_info (4) neightbl_fill_param_info (5) neigh_fill_info (6) rtnetlink_fill_ifinfo (7) rtnetlink_fill_iwinfo (8) vif_delete (9) ipmr_destroy_unres (10) ipmr_cache_alloc_unres (11) ipmr_cache_resolve (12) inet6_fill_ifinfo (13) tca_get_fill (14) tca_action_flush (15) tcf_add_notify (16) tc_dump_action (17) cbq_dump_police (18) __nlmsg_put (19) __rta_fill (20) __rta_reserve (21) inet6_fill_prefix (22) rsvp_dump and (23) cbq_dump_ovl functions.

oval:org.mitre.oval:def:11744

The netlink subsystem in the Linux kernel 2.4.x before 2.4.37.6 and 2.6.x before 2.6.13-rc1 does not initialize certain padding fields in structures which might allow local users to obtain sensitive information from kernel memory via unspecified vectors related to the (1) tc_fill_qdisc (2) tcf_fill_node (3) neightbl_fill_info (4) neightbl_fill_param_info (5) neigh_fill_info (6) rtnetlink_fill_ifinfo (7) rtnetlink_fill_iwinfo (8) vif_delete (9) ipmr_destroy_unres (10) ipmr_cache_alloc_unres (11) ipmr_cache_resolve (12) inet6_fill_ifinfo (13) tca_get_fill (14) tca_action_flush (15) tcf_add_notify (16) tc_dump_action (17) cbq_dump_police (18) __nlmsg_put (19) __rta_fill (20) __rta_reserve (21) inet6_fill_prefix (22) rsvp_dump and (23) cbq_dump_ovl functions.

Family:
unix
Status:
ACCEPTED
Platform(s):
  • CentOS Linux 4
  • Oracle Linux 4
  • Red Hat Enterprise Linux 4
Class:
vulnerability
Reference(s):
  • CVE-2005-4881
Product(s):