Updated: 2023-11-24
CWE: Buffer Errors
Description:
The key_notify_policy_flush function in net/key/af_key.c in the Linux kernel before 3.9 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel heap memory by reading a broadcast message from the notify_policy interface of an IPSec key_socket.
CVSS3:
| OS | Vendor version | Errata |
|---|---|---|
| CentOS 6 | 2.6.32-358.18.1.el6 | CESA-2013:1173 |
| CentOS 6 plus | 2.6.32-358.18.1.el6.centos.plus | CESA-2013:1173 |
| Scientific 6 | 2.6.32-358.18.1.el6 | CESA-2013:1173 |
| Oracle Linux 6 | 2.6.32-358.18.1.el6 | ELSA-2013-1173 |
| RHEL 6 | 2.6.32-358.18.1.el6 | RHSA-2013:1173 |
| OS | Original kernel version | State |
|---|---|---|
| OEL 6 Dell | |
Ready For Release |
| Debian 9 backports | |
Will Not Fix |
| Debian 10 cloud | |
Will Not Fix |
| CentOS 6 |
2.6.32-279.14.1.el6
show all
hide all
2.6.32-358.2.1.el6
2.6.32-358.0.1.el6
2.6.32-358.6.2.el6
2.6.32-358.6.1.el6
2.6.32-358.14.1.el6
2.6.32-279.9.1.el6
2.6.32-279.11.1.el6
2.6.32-358.11.1.el6
2.6.32-279.22.1.el6
2.6.32-358.el6
2.6.32-279.2.1.el6
2.6.32-279.5.1.el6
2.6.32-279.5.2.el6
2.6.32-279.19.1.el6
|
Released |
| OpenVZ 6 |
2.6.32-042stab076.7
show all
hide all
2.6.32-042stab076.8
2.6.32-042stab078.22
2.6.32-042stab078.26
2.6.32-042stab078.27
2.6.32-042stab078.28
2.6.32-042stab079.4
2.6.32-042stab079.5
2.6.32-042stab079.6
|
Released |
| CentOS 6 plus |
2.6.32-358.0.1.el6.centos.plus
show all
hide all
2.6.32-279.19.1.el6.centos.plus
2.6.32-358.6.1.el6.centos.plus
2.6.32-358.14.1.el6.centos.plus
2.6.32-279.9.1.el6.centos.plus
2.6.32-279.11.1.el6.centos.plus
2.6.32-279.22.1.el6.centos.plus
2.6.32-358.2.1.el6.centos.plus
2.6.32-279.2.1.el6.centos.plus
2.6.32-279.5.1.el6.centos.plus
2.6.32-279.5.2.el6.centos.plus
2.6.32-358.6.2.el6.centos.plus
2.6.32-358.11.1.el6.centos.plus
2.6.32-358.el6.centos.plus
2.6.32-279.14.1.el6.centos.plus
|
Released |
| Scientific 6 |
2.6.32-358.2.1.el6
show all
hide all
2.6.32-279.14.1.el6
2.6.32-279.2.1.el6
2.6.32-279.5.2.el6
2.6.32-279.5.1.el6
2.6.32-279.22.1.el6
2.6.32-358.11.1.el6
2.6.32-358.6.2.el6
2.6.32-279.19.1.el6
2.6.32-279.9.1.el6
2.6.32-358.14.1.el6
2.6.32-279.11.1.el6
2.6.32-358.el6
2.6.32-358.0.1.el6
2.6.32-358.6.1.el6
|
Released |
| Oracle Linux 6 |
2.6.32-279.5.1.el6
show all
hide all
2.6.32-279.5.2.el6
2.6.32-358.14.1.el6
2.6.32-358.11.1.el6
2.6.32-358.0.1.el6
2.6.32-358.6.2.el6
2.6.32-358.2.1.el6
2.6.32-279.19.1.el6
2.6.32-358.6.1.el6
2.6.32-279.11.1.el6
2.6.32-279.2.1.el6
2.6.32-279.9.1.el6
2.6.32-279.22.1.el6
2.6.32-358.el6
2.6.32-279.14.1.el6
|
Released |
| CloudLinux OS 6 |
2.6.32-379.22.1.lve1.2.17.1.el6
show all
hide all
2.6.32-379.22.1.lve1.2.17.el6
2.6.32-458.6.2.lve1.2.26.1.el6
2.6.32-458.6.2.lve1.2.28.el6
2.6.32-458.6.2.lve1.2.30.el6
|
Released |
| RHEL 6 |
2.6.32-279.11.1.el6
show all
hide all
2.6.32-279.14.1.el6
2.6.32-279.19.1.el6
2.6.32-279.2.1.el6
2.6.32-279.22.1.el6
2.6.32-279.5.1.el6
2.6.32-279.5.2.el6
2.6.32-279.9.1.el6
2.6.32-358.0.1.el6
2.6.32-358.11.1.el6
2.6.32-358.14.1.el6
2.6.32-358.2.1.el6
2.6.32-358.6.1.el6
2.6.32-358.6.2.el6
2.6.32-358.el6
|
Released |