Headline
CVE-2011-2898: af_packet: prevent information leak · torvalds/linux@13fcb7b
net/packet/af_packet.c in the Linux kernel before 2.6.39.3 does not properly restrict user-space access to certain packet data structures associated with VLAN Tag Control Information, which allows local users to obtain potentially sensitive information via a crafted application.
Permalink
Browse files
af_packet: prevent information leak
In 2.6.27, commit 393e52e (packet: deliver VLAN TCI to userspace) added a small information leak.
Add padding field and make sure its zeroed before copy to user.
Signed-off-by: Eric Dumazet [email protected] CC: Patrick McHardy [email protected] Signed-off-by: David S. Miller [email protected]
- Loading branch information