Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The proc filesystem implementation in the Linux kernel 2.6.37 and earlier does not restrict access to the /proc directory tree of a process after this process performs an exec of a setuid program, which allows local users to obtain sensitive information or cause a denial of service via open, lseek, read, and write system calls.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Linux Kernel proc文件系统实现敏感信息泄露漏洞
Vulnerability Description
Linux kernel是美国Linux基金会发布的开源操作系统Linux所使用的内核。NFSv4 implementation是其中的一个分布式文件系统协议。 Linux kernel 2.6.37及之前版本中的proc文件系统实现在某进程执行setuid程序的exec后,没有限制对该进程的/proc目录树的访问。本地用户可以借助open,lseek,read,以及write系统调用获取敏感信息或者导致拒绝服务。
CVSS Information
N/A
Vulnerability Type
N/A