Published: 28/12/2015 Updated: 07/12/2016

CVSS v2 Base Score: 2.1 | Impact Score: 2.9 | Exploitability Score: 3.9

CVSS v3 Base Score: 2.3 | Impact Score: 1.4 | Exploitability Score: 0.8

VMScore: 187

Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N

The dgnc_mgmt_ioctl function in drivers/staging/dgnc/dgnc_mgmt.c in the Linux kernel up to and including 4.3.3 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel memory via a crafted application.

Vulnerable Product	Search on Vulmon	Subscribe to Product
linux linux kernel

Several security issues were fixed in the kernel ...

Several security issues were fixed in the kernel ...

Several security issues were fixed in the kernel ...

Several security issues were fixed in the kernel ...

Several security issues were fixed in the kernel ...

Several security issues were fixed in the kernel ...

Several security issues were fixed in the kernel ...

Several security issues were fixed in the kernel ...

The dgnc_mgmt_ioctl function in drivers/staging/dgnc/dgnc_mgmtc in the Linux kernel through 433 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel memory via a crafted application ...

CWE-200 http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4b6184336ebb5c8dc1eae7f7ab46ee608a748b05 https://github.com/torvalds/linux/commit/4b6184336ebb5c8dc1eae7f7ab46ee608a748b05 https://bugzilla.redhat.com/show_bug.cgi?id=1274728 http://www.openwall.com/lists/oss-security/2015/10/21/8 http://www.securityfocus.com/bid/77317 http://www.securitytracker.com/id/1034896 http://www.ubuntu.com/usn/USN-2843-1 http://www.ubuntu.com/usn/USN-2842-1 http://www.ubuntu.com/usn/USN-2844-1 http://www.ubuntu.com/usn/USN-2841-1 http://www.ubuntu.com/usn/USN-2842-2 http://www.ubuntu.com/usn/USN-2843-3 http://www.ubuntu.com/usn/USN-2841-2 http://www.ubuntu.com/usn/USN-2843-2 https://nvd.nist.gov https://usn.ubuntu.com/2843-3/

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook