The sisfb_ioctl function in drivers/video/sis/sis_main.c in the Linux kernel before 2.6.36-rc6 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via an FBIOGET_VBLANK ioctl call.
The product does not initialize a critical resource.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Linux_kernel | Linux | * | 2.6.36 (excluding) |
Linux_kernel | Linux | 2.6.36 (including) | 2.6.36 (including) |
Linux_kernel | Linux | 2.6.36-rc1 (including) | 2.6.36-rc1 (including) |
Linux_kernel | Linux | 2.6.36-rc2 (including) | 2.6.36-rc2 (including) |
Linux_kernel | Linux | 2.6.36-rc3 (including) | 2.6.36-rc3 (including) |
Linux_kernel | Linux | 2.6.36-rc4 (including) | 2.6.36-rc4 (including) |
Linux_kernel | Linux | 2.6.36-rc5 (including) | 2.6.36-rc5 (including) |