SecuritySpace - CVE-2016-4485

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

CVE ID:	CVE-2016-4485
Description:	The llc_cmsg_rcv function in net/llc/af_llc.c in the Linux kernel before 4.5.5 does not initialize a certain data structure, which allows attackers to obtain sensitive information from kernel stack memory by reading a message.
Test IDs:	None available
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2016-4485 BugTraq ID: 90015 http://www.securityfocus.com/bid/90015 Debian Security Information: DSA-3607 (Google Search) http://www.debian.org/security/2016/dsa-3607 http://www.openwall.com/lists/oss-security/2016/05/04/26 SuSE Security Announcement: SUSE-SU-2016:1672 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html SuSE Security Announcement: SUSE-SU-2016:1985 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html SuSE Security Announcement: openSUSE-SU-2016:1641 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00044.html http://www.ubuntu.com/usn/USN-2989-1 http://www.ubuntu.com/usn/USN-2996-1 http://www.ubuntu.com/usn/USN-2997-1 http://www.ubuntu.com/usn/USN-2998-1 http://www.ubuntu.com/usn/USN-3000-1 http://www.ubuntu.com/usn/USN-3001-1 http://www.ubuntu.com/usn/USN-3002-1 http://www.ubuntu.com/usn/USN-3003-1 http://www.ubuntu.com/usn/USN-3004-1 http://www.ubuntu.com/usn/USN-3005-1 http://www.ubuntu.com/usn/USN-3006-1 http://www.ubuntu.com/usn/USN-3007-1