6.8 Medium
AI Score
Confidence
High
4.9 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:C/I:N/A:N
0.0004 Low
EPSS
Percentile
9.5%
arch/x86_64/lib/copy_user.S in the Linux kernel before 2.6.19 on some AMD64 systems does not erase destination memory locations after an exception during kernel memory copy, which allows local users to obtain sensitive information.
CPE | Name | Operator | Version |
---|---|---|---|
linux:linux_kernel | linux linux kernel | lt | 2.6.19 |
git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=3022d734a54cbd2b65eea9a024564821101b4a9a%3Bhp=f0f4c3432e5e1087b3a8c0e6bd4113d3c37497ff
rhn.redhat.com/errata/RHSA-2008-0508.html
secunia.com/advisories/30849
secunia.com/advisories/30850
secunia.com/advisories/31107
secunia.com/advisories/31551
secunia.com/advisories/31628
www.debian.org/security/2008/dsa-1630
www.mandriva.com/security/advisories?name=MDVSA-2008:174
www.redhat.com/support/errata/RHSA-2008-0519.html
www.redhat.com/support/errata/RHSA-2008-0585.html
www.securityfocus.com/bid/29943
www.securitytracker.com/id?1020364
www.ubuntu.com/usn/usn-625-1
bugzilla.redhat.com/show_bug.cgi?id=451271
exchange.xforce.ibmcloud.com/vulnerabilities/43558
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11571