CVE-2006-1588 Information

Description

The bridge ioctl (if_bridge code) in NetBSD 1.6 through 3.0 does not clear sensitive memory before copying ioctl results to the requesting process which allows local users to obtain portions of kernel memory.

Reference

ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2006-005.txt.asc http://secunia.com/advisories/19464 http://securitytracker.com/id?1015846 http://www.osvdb.org/24262 http://www.securityfocus.com/bid/17312 https://exchange.xforce.ibmcloud.com/vulnerabilities/25582