** Description changed: - Linux kernel: various info leaks + net/xfrm/xfrm_user.c in the Linux kernel before 3.6 does not verify that + the actual Netlink message length is consistent with a certain header + field, which allows local users to obtain sensitive information from + kernel heap memory by leveraging the CAP_NET_ADMIN capability and + providing a (1) new or (2) updated state. Break-Fix: - ecd7918745234e423dd87fcc0c077da557909720
-- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1156712 Title: CVE-2012-6536 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1156712/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs