Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2009-2847
HistoryAug 18, 2009 - 9:00 p.m.

CVE-2009-2847

2009-08-1821:00:00
[email protected]
web.nvd.nist.gov
5

CVSS2

4.9

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:C/I:N/A:N

AI Score

5.8

Confidence

High

EPSS

0

Percentile

0.4%

JSON

The do_sigaltstack function in kernel/signal.c in Linux kernel 2.4 through 2.4.37 and 2.6 before 2.6.31-rc5, when running on 64-bit systems, does not clear certain padding bytes from a structure, which allows local users to obtain sensitive information from the kernel stack via the sigaltstack function.

Affected configurations

Nvd
Node
linuxkernelMatch2.6.24.7
OR
linuxkernelMatch2.6.25.15
OR
linuxlinux_kernelRange2.6.16.31-rc5
OR
linuxlinux_kernelMatch2.6
OR
linuxlinux_kernelMatch2.6.0
OR
linuxlinux_kernelMatch2.6.1
OR
linuxlinux_kernelMatch2.6.10
OR
linuxlinux_kernelMatch2.6.11
OR
linuxlinux_kernelMatch2.6.11.1
OR
linuxlinux_kernelMatch2.6.11.2
OR
linuxlinux_kernelMatch2.6.11.3
OR
linuxlinux_kernelMatch2.6.11.4
OR
linuxlinux_kernelMatch2.6.11.5
OR
linuxlinux_kernelMatch2.6.11.6
OR
linuxlinux_kernelMatch2.6.11.7
OR
linuxlinux_kernelMatch2.6.11.8
OR
linuxlinux_kernelMatch2.6.11.9
OR
linuxlinux_kernelMatch2.6.11.10
OR
linuxlinux_kernelMatch2.6.11.11
OR
linuxlinux_kernelMatch2.6.11.12
OR
linuxlinux_kernelMatch2.6.12
OR
linuxlinux_kernelMatch2.6.12.1
OR
linuxlinux_kernelMatch2.6.12.2
OR
linuxlinux_kernelMatch2.6.12.3
OR
linuxlinux_kernelMatch2.6.12.4
OR
linuxlinux_kernelMatch2.6.12.5
OR
linuxlinux_kernelMatch2.6.12.6
OR
linuxlinux_kernelMatch2.6.13
OR
linuxlinux_kernelMatch2.6.13.1
OR
linuxlinux_kernelMatch2.6.13.2
OR
linuxlinux_kernelMatch2.6.13.3
OR
linuxlinux_kernelMatch2.6.13.4
OR
linuxlinux_kernelMatch2.6.13.5
OR
linuxlinux_kernelMatch2.6.14
OR
linuxlinux_kernelMatch2.6.14.1
OR
linuxlinux_kernelMatch2.6.14.2
OR
linuxlinux_kernelMatch2.6.14.3
OR
linuxlinux_kernelMatch2.6.14.4
OR
linuxlinux_kernelMatch2.6.14.5
OR
linuxlinux_kernelMatch2.6.14.6
OR
linuxlinux_kernelMatch2.6.14.7
OR
linuxlinux_kernelMatch2.6.15
OR
linuxlinux_kernelMatch2.6.15.1
OR
linuxlinux_kernelMatch2.6.15.2
OR
linuxlinux_kernelMatch2.6.15.3
OR
linuxlinux_kernelMatch2.6.15.4
OR
linuxlinux_kernelMatch2.6.15.5
OR
linuxlinux_kernelMatch2.6.15.6
OR
linuxlinux_kernelMatch2.6.15.7
OR
linuxlinux_kernelMatch2.6.16
OR
linuxlinux_kernelMatch2.6.16.1
OR
linuxlinux_kernelMatch2.6.16.2
OR
linuxlinux_kernelMatch2.6.16.3
OR
linuxlinux_kernelMatch2.6.16.10
OR
linuxlinux_kernelMatch2.6.16.11
OR
linuxlinux_kernelMatch2.6.16.12
OR
linuxlinux_kernelMatch2.6.16.13
OR
linuxlinux_kernelMatch2.6.16.14
OR
linuxlinux_kernelMatch2.6.16.15
OR
linuxlinux_kernelMatch2.6.16.16
OR
linuxlinux_kernelMatch2.6.16.17
OR
linuxlinux_kernelMatch2.6.16.18
OR
linuxlinux_kernelMatch2.6.16.19
OR
linuxlinux_kernelMatch2.6.16.20
OR
linuxlinux_kernelMatch2.6.16.21
OR
linuxlinux_kernelMatch2.6.16.22
OR
linuxlinux_kernelMatch2.6.16.23
OR
linuxlinux_kernelMatch2.6.16.24
OR
linuxlinux_kernelMatch2.6.16.25
OR
linuxlinux_kernelMatch2.6.16.26
OR
linuxlinux_kernelMatch2.6.16.27
OR
linuxlinux_kernelMatch2.6.16.28
OR
linuxlinux_kernelMatch2.6.16.29
OR
linuxlinux_kernelMatch2.6.16.30
OR
linuxlinux_kernelMatch2.6.16.31
OR
linuxlinux_kernelMatch2.6.16.31-rc1
OR
linuxlinux_kernelMatch2.6.16.31-rc2
OR
linuxlinux_kernelMatch2.6.16.31-rc3
OR
linuxlinux_kernelMatch2.6.16.31-rc4
AND
linuxlinuxx64
VendorProductVersionCPE
linuxkernel2.6.24.7cpe:2.3:a:linux:kernel:2.6.24.7:*:*:*:*:*:*:*
linuxkernel2.6.25.15cpe:2.3:a:linux:kernel:2.6.25.15:*:*:*:*:*:*:*
linuxlinux_kernel*cpe:2.3:o:linux:linux_kernel:*:-rc5:*:*:*:*:*:*
linuxlinux_kernel2.6cpe:2.3:o:linux:linux_kernel:2.6:*:*:*:*:*:*:*
linuxlinux_kernel2.6.0cpe:2.3:o:linux:linux_kernel:2.6.0:*:*:*:*:*:*:*
linuxlinux_kernel2.6.1cpe:2.3:o:linux:linux_kernel:2.6.1:*:*:*:*:*:*:*
linuxlinux_kernel2.6.10cpe:2.3:o:linux:linux_kernel:2.6.10:*:*:*:*:*:*:*
linuxlinux_kernel2.6.11cpe:2.3:o:linux:linux_kernel:2.6.11:*:*:*:*:*:*:*
linuxlinux_kernel2.6.11.1cpe:2.3:o:linux:linux_kernel:2.6.11.1:*:*:*:*:*:*:*
linuxlinux_kernel2.6.11.2cpe:2.3:o:linux:linux_kernel:2.6.11.2:*:*:*:*:*:*:*
Rows per page:
1-10 of 801

References

Related

veracode 1
prion 1
cvelist 1
ubuntucve 1
cve 1
exploitdb 1
nessus 15
redhat 4
openvas 44
centos 2
debian 2
securityvulns 2
oraclelinux 2
osv 2
fedora 12
ubuntu 1
vmware 2
veracode
veracode
Information Disclosure
2020-04-10 00:35:39
prion
prion
Stack overflow
2009-08-18 21:00:00
cvelist
cvelist
CVE-2009-2847
2009-08-18 20:41:00
ubuntucve
ubuntucve
CVE-2009-2847
2009-08-18 00:00:00
cve
cve
CVE-2009-2847
2009-08-18 21:00:00
exploitdb
exploitdb
Linux Kernel 2.6.31-rc5 - sigaltstack 4-Byte Stack Disclosure
2009-08-04 00:00:00
nessus
nessus
RHEL 5 : kernel (RHSA-2009:1466)
2013-01-24 00:00:00
CentOS 4 : kernel (CESA-2009:1438)
2010-01-06 00:00:00
Fedora 11 : kernel-2.6.29.6-217.2.16.fc11 (2009-9044)
2009-08-27 00:00:00
redhat
redhat
(RHSA-2009:1466) Important: kernel security and bug fix update
2009-09-29 00:00:00
(RHSA-2009:1239) Important: kernel-rt security and bug fix update
2009-09-01 00:00:00
(RHSA-2009:1438) Important: kernel security and bug fix update
2009-09-15 00:00:00
openvas
openvas
RedHat Security Advisory RHSA-2009:1438
2009-09-15 00:00:00
RedHat Security Advisory RHSA-2009:1239
2009-09-09 00:00:00
RedHat Security Advisory RHSA-2009:1438
2009-09-15 00:00:00
centos
centos
kernel security update
2009-09-16 03:38:30
kernel security update
2009-09-15 18:17:47
debian
debian
[SECURITY] [DSA 1872-1] New Linux 2.6.18 packages fix several vulnerabilities
2009-08-24 18:59:41
[SECURITY] [DSA 1928-1] New Linux 2.6.24 packages fix several vulnerabilities
2009-11-05 22:03:48
securityvulns
securityvulns
Linux kernel multiple security vulnerabilities
2009-08-25 00:00:00
[SECURITY] [DSA 1872-1] New Linux 2.6.18 packages fix several vulnerabilities
2009-08-25 00:00:00
oraclelinux
oraclelinux
kernel security and bug fix update
2009-09-15 00:00:00
Oracle Enterprise Linux 5.4 kernel security and bug fix update
2009-09-08 00:00:00
osv
osv
fai-kernels linux-2.6 user-mode-linux - several vulnerabilities
2009-08-24 00:00:00
linux-2.6.24 - several vulnerabilities
2009-11-05 00:00:00
fedora
fedora
[SECURITY] Fedora 11 Update: kernel-2.6.30.9-90.fc11
2009-10-27 06:48:07
[SECURITY] Fedora 11 Update: kernel-2.6.29.6-217.2.16.fc11
2009-08-27 02:19:22
[SECURITY] Fedora 11 Update: kernel-2.6.30.9-96.fc11
2009-11-06 00:03:20
ubuntu
ubuntu
Linux kernel vulnerabilities
2009-10-22 00:00:00
vmware
vmware
VMware vCenter and ESX update release and vMA patch release address multiple security issues in third party components.
2009-11-20 00:00:00
VMware vCenter and ESX update release and vMA patch release address multiple security issues in third party components
2009-11-20 00:00:00

CVSS2

4.9

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:C/I:N/A:N

AI Score

5.8

Confidence

High

EPSS

0

Percentile

0.4%

JSON
Related for NVD:CVE-2009-2847
veracode1prion1cvelist1ubuntucve1cve1exploitdb1nessus15redhat4openvas44centos2debian2securityvulns2oraclelinux2osv2fedora12ubuntu1vmware2