Description
An issue was discovered in the Linux kernel before 5.11.11. qrtr_recvmsg in net/qrtr/qrtr.c allows attackers to obtain sensitive information from kernel memory because of a partially uninitialized data structure, aka CID-50535249f624.
References
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.11.11
Mailing ListRelease NotesVendor Advisory
Mailing ListPatchVendor Advisory
https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html
Third Party Advisory
CVSS impact metrics
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
5.5 · Medium
CVSS V3.1
CVSS V3.0
CVSS V2.0
Information
Source identifier
Vulnerability status
Modified
Published
2021-03-30T21:15:14.157
4 years agoLast modified
2023-11-07T03:32:41.600
1 year ago