Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Integer signedness error in FIFO filesystems (named pipes) on Sun Solaris 8 through 10 allows local users to read the contents of unspecified memory locations via a negative maximum length value to the I_PEEK ioctl.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Sun Solaris I_PEEK IOCTL处理器本地信息泄露漏洞
Vulnerability Description
Solaris是一款由Sun开发和维护的商业性质UNIX操作系统。 Solaris内核的FIFO实现上存在漏洞,本地攻击者可能利用此漏洞获取内核的敏感信息。 Solaris中的FIFO内核ioctl()处理器存在安全漏洞,该处理器使用I_PEEK ioctl读取FIFO中的一些字节,但没有将这些字节从队列中删除。该命令中的一个参数代表所要读取的字节数,而该参数为整型整数值。由于没有正确地验证这个参数,因此负值就可以导致泄露大量的内核内存内容。
CVSS Information
N/A
Vulnerability Type
N/A