Linux Kernel USB Driver Uninitialized Structures May Disclose Kernel Memory to Local Users
|
|
SecurityTracker Alert ID: 1011078
|
|
SecurityTracker URL: http://securitytracker.com/id?1011078
|
|
CVE Reference: CAN-2004-0685
(Links to External Site)
|
Date: Aug 27 2004
|
Impact: Disclosure of authentication information, Disclosure of system information, Disclosure of user information
|
Fix Available: Yes
Vendor Confirmed: Yes
|
Version(s): prior to 2.4.27
|
Description: A vulnerability was reported in the Linux kernel in certain USB drivers. A local user may be able to obtain kernel memory contents.
Several vendors reported that certain USB drivers in the Linux kernel use uninitialized structures and then make copy_to_user(...)
kernel calls from these structures. As a result, a local user may be able to obtain uninitialized kernel memory contents.
|
Impact: A local user may be able to obtain portions of kernel memory.
|
Solution: A fixed kernel version (2.4.27) is available at:
http://kernel.org/
|
Cause: Access control error, State error
|
Underlying OS: Linux (Caldera/SCO), Linux (Conectiva), Linux (Debian), Linux (EnGarde), Linux (Gentoo), Linux (HP Secure OS), Linux (Immunix), Linux (Mandrake), Linux (Progeny Debian), Linux (Red Hat Enterprise), Linux (Red Hat Fedora), Linux (Red Hat Linux), Linux (SGI), Linux (Slackware), Linux (Sun), Linux (SuSE), Linux (Trustix), Linux (Turbo Linux), Linux (Xandros)
|
|
Message History:
None.
|
Source Message Contents
|
Date: Aug 9, 2004
Subject: CAN-2004-0685
|
Several vendors reported that certain USB drivers in the Linux kernel use uninitialized
structures and then make copy_to_user(...) kernel calls from these structures. As a
result, a local user may be able to obtain uninitialized kernel memory contents.
CVE: CAN-2004-0685
|
|
