CVE-2013-3227

Published April 22nd, 2013

View on NVD ↗

CVSS v3

N/A

CVSS v2

4.9

MEDIUM

Affected

PROJECT

Description

The caif_seqpkt_recvmsg function in net/caif/caif_socket.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call.

torvalds/linux

Linux kernel source tree

GitHub

237K