** Description changed: net/xfrm/xfrm_user.c in the Linux kernel before 3.6 does not verify that the actual Netlink message length is consistent with a certain header field, which allows local users to obtain sensitive information from kernel heap memory by leveraging the CAP_NET_ADMIN capability and providing a (1) new or (2) updated state. - Break-Fix: - ecd7918745234e423dd87fcc0c077da557909720 + Break-Fix: d8647b79c3b7e223ac051439d165bc8e7bbb832f + ecd7918745234e423dd87fcc0c077da557909720
-- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1156712 Title: CVE-2012-6536 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1156712/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
