Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
vzkernel before 042stab080.2 in the OpenVZ modification for the Linux kernel 2.6.32 does not initialize certain length variables, which allows local users to obtain sensitive information from kernel stack memory via (1) a crafted ploop driver ioctl call, related to the ploop_getdevice_ioc function in drivers/block/ploop/dev.c, or (2) a crafted quotactl system call, related to the compat_quotactl function in fs/quota/quota.c.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
OpenVZ Kernel Memory Leak 多个本地信息泄露漏洞
Vulnerability Description
OpenVZ是OpenVZ项目的一套基于Linux内核的操作系统级虚拟化技术,也被称为虚拟专用服务器(VPS)或虚拟环境(VE),它具有允许物理服务器运行多个操作系统的特点。 OpenVZ modification for the Linux kernel 2.6.32版本中的vzkernel 042stab080.2之前的版本中drivers/block/ploop/dev.c文件中的‘ploop_getdevice_ioc’函数和fs/quota/quota.c文件中的‘compat_quotactl
CVSS Information
N/A
Vulnerability Type
N/A