Descriptionnet/ipv4/af_inet.c in Linux kernel 2.4 does not clear sockaddr_in.sin_zero before returning IPv4 socket names from the (1) getsockname, (2) getpeername, and (3) accept functions, which allows local users to obtain portions of potentially sensitive memory.
Overall state of this security issue: Resolved
This issue is currently rated as having moderate severity.
|National Vulnerability Database|
SUSE Security Advisories:
- SUSE-SA:2006:028, published Wed, 31 May 2006 18:00:00 +0000
SUSE Timeline for this CVECVE page created: Fri Jun 28 01:59:42 2013
CVE page last modified: Fri Oct 7 12:45:33 2022