The get_name function in net/tipc/socket.c in the Linux kernel before 2.6.37-rc2 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory by reading a copy of this structure.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2011-01-03T19:26:00

Updated: 2024-08-07T03:26:11.799Z

Reserved: 2010-10-08T00:00:00

Link: CVE-2010-3877

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2011-01-03T20:00:42.200

Modified: 2024-11-21T01:19:48.583

Link: CVE-2010-3877

cve-icon Redhat

Severity : Low

Publid Date: 2010-10-31T00:00:00Z

Links: CVE-2010-3877 - Bugzilla