Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The bnep_sock_ioctl function in net/bluetooth/bnep/sock.c in the Linux kernel before 2.6.39 does not ensure that a certain device field ends with a '\0' character, which allows local users to obtain potentially sensitive information from kernel stack memory, or cause a denial of service (BUG and system crash), via a BNEPCONNADD command.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Linux kernel‘bnep_sock_ioctl’函数信息泄露漏洞
Vulnerability Description
Linux kernel是美国Linux基金会发布的开源操作系统Linux所使用的内核。NFSv4 implementation是其中的一个分布式文件系统协议。 Linux kernel 2.6.39之前版本中的net/bluetooth/bnep/sock.c中的bnep_sock_ioctl函数中存在漏洞,该漏洞源于未能确定某些名字字段以‘’字符结束。本地攻击者可利用该漏洞通过BNEPCONNADD命令从内核栈内存中获得敏感信息或导致拒绝服务(BUG和系统崩溃)。
CVSS Information
N/A
Vulnerability Type
N/A