Linux kernel Exposure of Sensitive Information to an Unauthorized Actor Vulnerability

Summary

Linux kernel suffers from exposure of sensitive information to an unauthorized actor vulnerability

Credit:

The information has been provided by Alexander Potapenko

The original article can be found at:https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git/commit/?id=aca969cacf07f41070d788ce2b8ca71f09d5207d


Details

A flaw was found in the Linux kernel’s implementation of Userspace core dumps. This flaw allows an attacker with a local account to crash a trivial program and exfiltrate private kernel data.

 

Vulnerable Systems:

Linux kernel

 

CVE Information:

CVE-2020-10732

Disclosure Timeline:
Published Date:6/12/2020

Categories: News