Vigil@nce - Linux kernel: information disclosure via taskstats/io
June 2011 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/
SYNTHESIS OF THE VULNERABILITY
A local attacker can use taskstats or /proc/pid/io to obtain
information on a process.
Severity: 1/4
Creation date: 24/06/2011
IMPACTED PRODUCTS
– Linux kernel
DESCRIPTION OF THE VULNERABILITY
The NETLINK Taskstats interface can be used by a user to obtain
statistics on a process. The /proc/pid/io file can be used by a
user to obtain statistics on data managed by a process.
However, these statistics can give information to an attacker. If
he knows the size of exchanged messages, he can for example guess
the size of the password. If he knows informations about the
activity, he can for example guess if a file exists.
A local attacker can therefore use taskstats or /proc/pid/io to
obtain information on a process.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/Linux-kernel-information-disclosure-via-taskstats-io-10776