The ivtvfb_ioctl function in drivers/media/video/ivtv/ivtvfb.c in the Linux kernel before 2.6.36-rc8 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via an FBIOGET_VBLANK ioctl call.
Software | From | Fixed in |
---|---|---|
debian / debian_linux | 5.0 | 5.0.x |
linux / linux_kernel | - | 2.6.36 |
linux / linux_kernel | 2.6.36 | 2.6.36.x |
linux / linux_kernel | 2.6.36-rc1 | 2.6.36-rc1.x |
linux / linux_kernel | 2.6.36-rc2 | 2.6.36-rc2.x |
linux / linux_kernel | 2.6.36-rc3 | 2.6.36-rc3.x |
linux / linux_kernel | 2.6.36-rc4 | 2.6.36-rc4.x |
linux / linux_kernel | 2.6.36-rc5 | 2.6.36-rc5.x |
linux / linux_kernel | 2.6.36-rc6 | 2.6.36-rc6.x |
linux / linux_kernel | 2.6.36-rc7 | 2.6.36-rc7.x |