Back to list
*Note: Email address will appear as "user domain ext" to prevent harvesting.
[CVE-2016-6136] Double-Fetch Vulnerability in Linux-4.6/kernel/auditsc.c
Jul 04 2016 03:05PM
wpengfeinudt gmail com
I found this double-fetch vulnerability when I was doing my research on double-fetch issue analysis, and I?d like to make an announcement here.
This was found in Linux kernel file Linux-4.6/kernel/auditsc.c, and crafted user space data change under race condition will make control strings processe...
[ more ]
Copyright 2010, SecurityFocus