** Description changed: - Pablo Neira Ayuso discovered that avahi and potentially NetworkManager - accept spoofed Netlink messages because of a kernel bug. The kernel - passes all-zero SCM_CREDENTIALS ancillary data to the receiver if the - sender did not provide such data, instead of not including any such data - at all or including the correct data from the peer (as it is the case - with AF_UNIX). + The Netlink implementation in the Linux kernel before 3.2.30 does not + properly handle messages that lack SCM_CREDENTIALS data, which might + allow local users to spoof Netlink communication via a crafted message, + as demonstrated by a message to (1) Avahi or (2) NetworkManager. Break-Fix: 16e5726269611b71c930054ffe9b858c1cea88eb e0e3cea46d31d23dc40df0a49a7a2c04fe8edfea
-- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1052097 Title: CVE-2012-3520 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1052097/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
