The bridge ioctl (if_bridge code) in NetBSD 1.6 up to and including 3.0 does not clear sensitive memory before copying ioctl results to the requesting process, which allows local users to obtain portions of kernel memory.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
netbsd netbsd 1.6 |
||
netbsd netbsd 2.1 |
||
netbsd netbsd 3.0 |
||
netbsd netbsd 2.0 |
||
netbsd netbsd 2.0.1 |
||
netbsd netbsd 2.0.2 |
||
netbsd netbsd 2.0.3 |
||
netbsd netbsd 1.6.1 |
||
netbsd netbsd 1.6.2 |