An information leak flaw was found due to uninitialized memory in the Linux kernel's TIPC protocol subsystem, in the way a user sends a…
redhat·CWE-909·Published 2022-02-11
An information leak flaw was found due to uninitialized memory in the Linux kernel's TIPC protocol subsystem, in the way a user sends a TIPC datagram to one or more destinations. This flaw allows a local user to read some kernel memory. This issue is limited to no more than 7 bytes, and the user cannot control what is read. This flaw affects the Linux kernel versions prior to 5.17-rc1.
An information leak flaw was found due to uninitialized memory in the Linux kernel's TIPC protocol subsystem, in the way a user sends a TIPC datagram to one or more destinations. This flaw allows a local user to read some kernel memory. This issue is limited to no more than 7 bytes, and the user cannot control what is read. This flaw affects the Linux kernel versions prior to 5.17-rc1.
Se ha encontrado un fallo de fuga de información debido a una memoria no inicializada en el subsistema de protocolo TIPC del kernel de Linux, en la forma en que un usuario envía un datagrama TIPC a uno o más destinos. Este fallo permite a un usuario local leer parte de la memoria del kernel. Este problema se limita a no más de 7 bytes, y el usuario no puede controlar lo que se lee. Este fallo afecta a las versiones del kernel de Linux anteriores a la 5.17-rc1
| Version | Type | Source | Base | Exp | Impact | Vector |
|---|---|---|---|---|---|---|
| 2.0 | Primary | NVD | 2.1 | 3.9 | 2.9 | AV:L/AC:L/Au:N/C:P/I:N/A:N |
| 3.1 | Primary | NVD | 5.5 | 1.8 | 3.6 | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |