[K12OSN] Re: 6307 Linux Kernel e1000 Network Driver Kernel Memory Disclosure.htm

Mario Guerra mguerra at cariari.ucr.ac.cr
Mon May 24 20:04:51 UTC 2004


El Mon, 24 May 2004 13:53:47 -0600, Edgar Quesada 
<quesadag at cariari.ucr.ac.cr> escribió:

> Para su información.
>
>
> Description:
>
> The e1000 network driver in Linux kernel contains a flaw that may lead 
> to an
> unauthorized information disclosure. The issue is triggered due to 
> insecure
> use of the "copy_to_user()" function, when copying data from kernel space
> into user space, which will disclose an arbitrary amount of kernel memory
> resulting in a loss of confidentiality.
>
>

Gracias, Edgar.

Esa vulnerabilidad se aplica con tarjetas de red de giga de Intel. En el 
caso de Cariari se usa el driver tg3, por lo que no es aplicable a ese 
servidor.

Saludos.

Mario
-- 
Usando M2, el revolucionario cliente de correo de Opera: 
http://www.opera.com/m2/





More information about the K12OSN mailing list