IBM AIX versions 5.3, 6.1 and 7.1, and VIOS 2.2.* releases, suffer from kernel memory leak and denial of service vulnerabilities. The ptrace() system call can be manipulated by an unprivileged user into leaking uninitialized kernel memory, and the method by which this is achieved may also lead to a denial of service condition. This is done by manipulating the parameters passed to the ptrace() system call when performing the PT_LDINFO operation. When ptrace(PT_LDINFO, childpid, leakbuffer, maximumleak, NULL) is called with a value of maximumleak that is greater than that required for the expected result of the PT_LDINFO operation, the AIX kernel will xmalloc() this space (without initializing it), populate it and then perform a copy operation that returns the result within leakbuffer.
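The pattern described above, as an added user-space illustration for reviewers (not AIX kernel code and not from the original advisory): the flawed handler sizes and copies out by the caller's length, the hardened one zeroes the buffer and copies only what it populated. The function names, `stale_alloc()` as a stand-in for xmalloc(), the 0xAA residue marker and `LDINFO_CAP` are all assumptions made for the example.

```c
#include <stdlib.h>
#include <string.h>
#define LDINFO_CAP 4096 /* assumed upper bound, not an AIX constant */

/* Stand-in for xmalloc(): memory still holding a previous owner's bytes. */
static unsigned char *stale_alloc(size_t n) {
    unsigned char *p = malloc(n ? n : 1);
    if (p) memset(p, 0xAA, n); /* constructed residue marker */
    return p;
}

/* Flawed shape: size taken from the caller, whole buffer copied back. */
size_t ldinfo_flawed(unsigned char *ubuf, size_t ulen,
                     const unsigned char *info, size_t info_len) {
    if (info_len > ulen) return 0;
    unsigned char *k = stale_alloc(ulen);
    if (!k) return 0;
    memcpy(k, info, info_len); /* only info_len bytes are populated */
    memcpy(ubuf, k, ulen);     /* tail past info_len is stale memory */
    free(k);
    return ulen;
}

/* Hardened shape: bounded size, zeroed buffer, copy only what was filled. */
size_t ldinfo_hardened(unsigned char *ubuf, size_t ulen,
                       const unsigned char *info, size_t info_len) {
    if (ulen > LDINFO_CAP) ulen = LDINFO_CAP; /* bound the allocation */
    if (info_len > ulen) return 0;
    unsigned char *k = stale_alloc(ulen);
    if (!k) return 0;
    memset(k, 0, ulen);        /* no residue survives in the buffer */
    memcpy(k, info, info_len);
    memcpy(ubuf, k, info_len); /* copy-out length is the populated length */
    free(k);
    return info_len;
}

/* Number of residue marker bytes that reached the caller's buffer. */
size_t residue_bytes(const unsigned char *buf, size_t n) {
    size_t c = 0;
    for (size_t i = 0; i < n; i++) c += (buf[i] == 0xAA);
    return c;
}

int main(void) {
    unsigned char info[16] = {0}, out[256] = {0}; /* constructed sample */
    ldinfo_flawed(out, sizeof out, info, sizeof info);
    return residue_bytes(out, sizeof out) == 240 ? 0 : 1;
}
```

With a 16-byte record and a 256-byte request, the flawed path hands back 240 bytes it never wrote, while the hardened path returns 16 bytes and no residue.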