Linux Linux Kernel 4.6.3 Obtain Information Vulnerability
5 Aug. 2016
Summary
Linux Linux Kernel is prone to a gain information vulnerability.This allows local or remote attackers to gain privileges via a malicious program in the affected application
The tipc_nl_compat_link_dump function in net/tipc/netlink_compat.c in the Linux kernel through 4.6.3 does not properly copy a certain string, which allows local users to obtain sensitive information from kernel stack memory by reading a Netlink message.