Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The netlink_sendmsg function in net/netlink/af_netlink.c in the Linux kernel before 3.5.5 does not validate the dst_pid field, which allows local users to have an unspecified impact by spoofing Netlink messages.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Linux kernel‘mnl_nlmsg_portid_ok()’函数本地安全绕过漏洞
Vulnerability Description
Linux kernel是美国Linux基金会发布的开源操作系统Linux所使用的内核。NFSv4 implementation是其中的一个分布式文件系统协议。 Linux kernel 3.5.5之前版本的net/netlink/af_netlink.c文件中的‘netlink_sendmsg’函数存在安全漏洞,该漏洞源于程序没有验证‘dst_pid’字段。本地攻击者可通过伪造Netlink消息利用该漏洞绕过安全限制,执行未授权操作。
CVSS Information
N/A
Vulnerability Type
N/A