Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
In the Linux kernel through 4.15.4, the floppy driver reveals the addresses of kernel functions and global variables using printk calls within the function show_floppy in drivers/block/floppy.c. An attacker can read this information from dmesg and use the addresses to find the locations of kernel code and data and bypass kernel security protections such as KASLR.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Linux kernel 安全漏洞
Vulnerability Description
Linux kernel是美国Linux基金会发布的开源操作系统Linux所使用的内核。 Linux kernel 4.15.4及之前版本中存在安全漏洞,该漏洞源于floppy驱动程序使用printk调用来显示内存函数和全局变量的地址。攻击者可利用该漏洞读取dmesg中的信息,并使用该地址获取内核代码和数据的位置,绕过安全保护(例如:KASLR)。
CVSS Information
N/A
Vulnerability Type
N/A