Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The ptrace_setxregs function in arch/xtensa/kernel/ptrace.c in the Linux kernel before 3.1 does not validate user-space pointers, which allows local users to obtain sensitive information from kernel memory locations via a crafted PTRACE_SETXTREGS request.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Linux Kernel ‘ptrace_setxregs’ 函数信息泄露漏洞
Vulnerability Description
Linux kernel是美国Linux基金会发布的开源操作系统Linux所使用的内核。NFSv4 implementation是其中的一个分布式文件系统协议。 Linux kernel 3.1之前版本的arch/xtensa/kernel/ptrace.c中的ptrace_setxregs函数中存在漏洞,该漏洞源于未验证用户空间指针。本地用户可利用该漏洞借助特制的PTRACE_SETXTREGS请求获取来自内核内存位置的敏感信息。
CVSS Information
N/A
Vulnerability Type
N/A