The rds_inc_info_copy function in net/rds/recv.c in the Linux kernel up to and including 4.6.3 does not initialize a certain structure member, which allows remote malicious users to obtain sensitive information from kernel stack memory by reading an RDS message.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
fedoraproject fedora 23 |
||
suse linux enterprise real time extension 11 |
||
fedoraproject fedora 24 |
||
suse linux enterprise debuginfo 11 |
||
suse linux enterprise real time extension 12 |
||
suse linux enterprise server 11 |
||
redhat enterprise linux 6.0 |
||
suse suse linux enterprise software development kit 11 |
||
suse linux enterprise workstation extension 12 |
||
redhat enterprise linux 5 |
||
suse linux enterprise desktop 12 |
||
suse opensuse leap 42.1 |
||
suse suse linux enterprise software development kit 12 |
||
fedoraproject fedora 22 |
||
linux linux kernel |
||
suse suse linux enterprise server 12 |