Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An information disclosure vulnerability exists in the ARM SIGPAGE functionality of Linux Kernel v5.4.66 and v5.4.54. The latest version (5.11-rc4) seems to still be vulnerable. A userland application can read the contents of the sigpage, which can leak kernel memory contents. An attacker can read a process’s memory at a specific offset to trigger this vulnerability. This was fixed in kernel releases: 4.14.222 4.19.177 5.4.99 5.10.17 5.11
CVSS Information
N/A
Vulnerability Type
对未经初始化资源的使用
Vulnerability Title
Linux kernel安全漏洞
Vulnerability Description
Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel 存在安全漏洞,该漏洞源于Linux kernel 功能中的数据输出过多,用户态应用程序可以读取 sigpage 的内容,从而泄漏内核内存内容。攻击者可利用该漏洞允许本地用户访问可能敏感的信息。
CVSS Information
N/A
Vulnerability Type
N/A