Vulnerability   
Search   
    Search 211766 CVE descriptions
and 97459 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2013-2148
Description:The fill_event_metadata function in fs/notify/fanotify/fanotify_user.c in the Linux kernel through 3.9.4 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel memory via a read operation on the fanotify descriptor.
Test IDs: 1.3.6.1.4.1.25623.1.0.841539   1.3.6.1.4.1.25623.1.0.702745  
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2013-2148
http://lkml.org/lkml/2013/6/3/128
http://www.openwall.com/lists/oss-security/2013/06/05/26
SuSE Security Announcement: SUSE-SU-2013:1473 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2013-09/msg00003.html
SuSE Security Announcement: SUSE-SU-2013:1474 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2013-09/msg00004.html
SuSE Security Announcement: openSUSE-SU-2013:1971 (Google Search)
http://lists.opensuse.org/opensuse-updates/2013-12/msg00129.html
http://www.ubuntu.com/usn/USN-1929-1
http://www.ubuntu.com/usn/USN-1930-1




© 1998-2021 E-Soft Inc. All rights reserved.