Linux Kernel DM-Crypt Local Information Disclosure Vulnerability

The Linux kernel 'dm-crypt' module is susceptible to a local information-disclosure vulnerability. This issue is due to the module's failure to properly zero-sensitive memory buffers before freeing the memory.

This issue may allow local attackers to gain access to potentially sensitive memory that contains information on the cryptographic key used for the encrypted storage. This may aid attackers in further attacks.

This issue affects the 2.6 series of the Linux kernel.


 

Privacy Statement
Copyright 2010, SecurityFocus