CVE-2006-1343

Severity

21%

Complexity

39%

Confidentiality

48%

net/ipv4/netfilter/ip_conntrack_core.c in Linux kernel 2.4 and 2.6, and possibly net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c in 2.6, does not clear sockaddr_in.sin_zero before returning IPv4 socket names from the getsockopt function with SO_ORIGINAL_DST, which allows local users to obtain portions of potentially sensitive memory.

net/ipv4/netfilter/ip_conntrack_core.c in Linux kernel 2.4 and 2.6, and possibly net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c in 2.6, does not clear sockaddr_in.sin_zero before returning IPv4 socket names from the getsockopt function with SO_ORIGINAL_DST, which allows local users to obtain portions of potentially sensitive memory.

CVSS 2.0 Base Score 2.1. CVSS Attack Vector: local. CVSS Attack Complexity: low. CVSS Vector: (AV:L/AC:L/Au:N/C:P/I:N/A:N).

Overview

Type

Linux Kernel

First reported 18 years ago

2006-03-21 18:02:00

Last updated 6 years ago

2018-10-18 16:32:00

Affected Software

Linux Kernel 2.4.0

2.4.0

Linux Kernel 2.6.0

2.6.0

References

[linux-netdev] 20060304 BUG: Small information leak in SO_ORIGINAL_DST (2.4 and 2.6) and

19357

19955

20671

21045

21136

21465

21983

22093

22417

22875

http://support.avaya.com/elmodocs2/security/ASA-2006-180.htm

http://support.avaya.com/elmodocs2/security/ASA-2006-200.htm

DSA-1097

DSA-1184

MDKSA-2006:123

MDKSA-2006:150

29841

RHSA-2006:0437

RHSA-2006:0575

RHSA-2006:0579

RHSA-2006:0580

20060531 rPSA-2006-0087-1 kernel

20061113 VMSA-2006-0006 - VMware ESX Server 2.5.3 Upgrade Patch 4

20061113 VMSA-2006-0007 - VMware ESX Server 2.1.3 Upgrade Patch 2

20061113 VMSA-2006-0005 - VMware ESX Server 2.5.4 Upgrade Patch 1

20061113 VMSA-2006-0008 - VMware ESX Server 2.0.2 Upgrade Patch 2

17203

2006-0032

http://www.vmware.com/download/esx/esx-202-200610-patch.html

http://www.vmware.com/download/esx/esx-213-200610-patch.html

http://www.vmware.com/download/esx/esx-254-200610-patch.html

ADV-2006-2071

ADV-2006-4502

linux-sockaddr-memory-leak(25425)

oval:org.mitre.oval:def:10875

USN-281-1

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.