The pn_recvmsg function in net/phonet/datagram.c in the...
Moderate severity
Unreviewed
Published
May 17, 2022
to the GitHub Advisory Database
•
Updated Feb 3, 2023
Description
Published by the National Vulnerability Database
Jan 6, 2014
Published to the GitHub Advisory Database
May 17, 2022
Last updated
Feb 3, 2023
The pn_recvmsg function in net/phonet/datagram.c in the Linux kernel before 3.12.4 updates a certain length value before ensuring that an associated data structure has been initialized, which allows local users to obtain sensitive information from kernel stack memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call.
References