|Description||net/packet/af_packet.c in the Linux kernel before 188.8.131.52 does not properly restrict user-space access to certain packet data structures associated with VLAN Tag Control Information, which allows local users to obtain potentially sensitive information via a crafted application.|
|Source||CVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SuSE, Mageia, GitHub code/issues, web search, more)|
|NVD severity||medium (attack range: local)|
The information below is based on the following data on fixed versions.
[lenny] - linux-2.6 <not-affected> (introduced in 2.6.27)