Computer Security
[EN] no-pyccku

Linux kernel uninitialized pointers
updated since 14.08.2009
SecurityVulns ID:10150
Threat Level:
Description:proto_ops structure uninitialized pointers.
Affected:LINUX : kernel 2.4
 LINUX : kernel 2.6
CVE:CVE-2009-2692 (The Linux kernel 2.6.0 through, and 2.4.4 through, does not initialize all function pointers for socket operations in proto_ops structures, which allows local users to trigger a NULL pointer dereference and gain privileges by using mmap to map page zero, placing arbitrary code on this page, and then invoking an unavailable operation, as demonstrated by the sendpage operation (sock_sendpage function) on a PF_PPPOX socket.)
Original documentdocumentRamon de Carvalho Valle, [Full-disclosure] Illustrating the Linux sock_sendpage() NULL pointer dereference on Power/Cell BE Architecture (31.08.2009)
 documentTavis Ormandy, Linux NULL pointer dereference due to incorrect proto_ops initializations (14.08.2009)
Files:proto_ops uninitialized pointer exploit
 Exploits Linux sock_sendpage() NULL pointer dereference

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod