Lucene search

K
nvd[email protected]NVD:CVE-2009-2847
HistoryAug 18, 2009 - 9:00 p.m.

CVE-2009-2847

2009-08-1821:00:00
web.nvd.nist.gov
8

CVSS2

4.9

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:C/I:N/A:N

AI Score

5.8

Confidence

High

EPSS

0

Percentile

0.4%

The do_sigaltstack function in kernel/signal.c in Linux kernel 2.4 through 2.4.37 and 2.6 before 2.6.31-rc5, when running on 64-bit systems, does not clear certain padding bytes from a structure, which allows local users to obtain sensitive information from the kernel stack via the sigaltstack function.

Affected configurations

Nvd
Node
linuxkernelMatch2.6.24.7
OR
linuxkernelMatch2.6.25.15
OR
linuxlinux_kernelRange2.6.16.31-rc5
OR
linuxlinux_kernelMatch2.6
OR
linuxlinux_kernelMatch2.6.0
OR
linuxlinux_kernelMatch2.6.1
OR
linuxlinux_kernelMatch2.6.10
OR
linuxlinux_kernelMatch2.6.11
OR
linuxlinux_kernelMatch2.6.11.1
OR
linuxlinux_kernelMatch2.6.11.2
OR
linuxlinux_kernelMatch2.6.11.3
OR
linuxlinux_kernelMatch2.6.11.4
OR
linuxlinux_kernelMatch2.6.11.5
OR
linuxlinux_kernelMatch2.6.11.6
OR
linuxlinux_kernelMatch2.6.11.7
OR
linuxlinux_kernelMatch2.6.11.8
OR
linuxlinux_kernelMatch2.6.11.9
OR
linuxlinux_kernelMatch2.6.11.10
OR
linuxlinux_kernelMatch2.6.11.11
OR
linuxlinux_kernelMatch2.6.11.12
OR
linuxlinux_kernelMatch2.6.12
OR
linuxlinux_kernelMatch2.6.12.1
OR
linuxlinux_kernelMatch2.6.12.2
OR
linuxlinux_kernelMatch2.6.12.3
OR
linuxlinux_kernelMatch2.6.12.4
OR
linuxlinux_kernelMatch2.6.12.5
OR
linuxlinux_kernelMatch2.6.12.6
OR
linuxlinux_kernelMatch2.6.13
OR
linuxlinux_kernelMatch2.6.13.1
OR
linuxlinux_kernelMatch2.6.13.2
OR
linuxlinux_kernelMatch2.6.13.3
OR
linuxlinux_kernelMatch2.6.13.4
OR
linuxlinux_kernelMatch2.6.13.5
OR
linuxlinux_kernelMatch2.6.14
OR
linuxlinux_kernelMatch2.6.14.1
OR
linuxlinux_kernelMatch2.6.14.2
OR
linuxlinux_kernelMatch2.6.14.3
OR
linuxlinux_kernelMatch2.6.14.4
OR
linuxlinux_kernelMatch2.6.14.5
OR
linuxlinux_kernelMatch2.6.14.6
OR
linuxlinux_kernelMatch2.6.14.7
OR
linuxlinux_kernelMatch2.6.15
OR
linuxlinux_kernelMatch2.6.15.1
OR
linuxlinux_kernelMatch2.6.15.2
OR
linuxlinux_kernelMatch2.6.15.3
OR
linuxlinux_kernelMatch2.6.15.4
OR
linuxlinux_kernelMatch2.6.15.5
OR
linuxlinux_kernelMatch2.6.15.6
OR
linuxlinux_kernelMatch2.6.15.7
OR
linuxlinux_kernelMatch2.6.16
OR
linuxlinux_kernelMatch2.6.16.1
OR
linuxlinux_kernelMatch2.6.16.2
OR
linuxlinux_kernelMatch2.6.16.3
OR
linuxlinux_kernelMatch2.6.16.10
OR
linuxlinux_kernelMatch2.6.16.11
OR
linuxlinux_kernelMatch2.6.16.12
OR
linuxlinux_kernelMatch2.6.16.13
OR
linuxlinux_kernelMatch2.6.16.14
OR
linuxlinux_kernelMatch2.6.16.15
OR
linuxlinux_kernelMatch2.6.16.16
OR
linuxlinux_kernelMatch2.6.16.17
OR
linuxlinux_kernelMatch2.6.16.18
OR
linuxlinux_kernelMatch2.6.16.19
OR
linuxlinux_kernelMatch2.6.16.20
OR
linuxlinux_kernelMatch2.6.16.21
OR
linuxlinux_kernelMatch2.6.16.22
OR
linuxlinux_kernelMatch2.6.16.23
OR
linuxlinux_kernelMatch2.6.16.24
OR
linuxlinux_kernelMatch2.6.16.25
OR
linuxlinux_kernelMatch2.6.16.26
OR
linuxlinux_kernelMatch2.6.16.27
OR
linuxlinux_kernelMatch2.6.16.28
OR
linuxlinux_kernelMatch2.6.16.29
OR
linuxlinux_kernelMatch2.6.16.30
OR
linuxlinux_kernelMatch2.6.16.31
OR
linuxlinux_kernelMatch2.6.16.31-rc1
OR
linuxlinux_kernelMatch2.6.16.31-rc2
OR
linuxlinux_kernelMatch2.6.16.31-rc3
OR
linuxlinux_kernelMatch2.6.16.31-rc4
AND
linuxlinuxx64
VendorProductVersionCPE
linuxkernel2.6.24.7cpe:2.3:a:linux:kernel:2.6.24.7:*:*:*:*:*:*:*
linuxkernel2.6.25.15cpe:2.3:a:linux:kernel:2.6.25.15:*:*:*:*:*:*:*
linuxlinux_kernel*cpe:2.3:o:linux:linux_kernel:*:-rc5:*:*:*:*:*:*
linuxlinux_kernel2.6cpe:2.3:o:linux:linux_kernel:2.6:*:*:*:*:*:*:*
linuxlinux_kernel2.6.0cpe:2.3:o:linux:linux_kernel:2.6.0:*:*:*:*:*:*:*
linuxlinux_kernel2.6.1cpe:2.3:o:linux:linux_kernel:2.6.1:*:*:*:*:*:*:*
linuxlinux_kernel2.6.10cpe:2.3:o:linux:linux_kernel:2.6.10:*:*:*:*:*:*:*
linuxlinux_kernel2.6.11cpe:2.3:o:linux:linux_kernel:2.6.11:*:*:*:*:*:*:*
linuxlinux_kernel2.6.11.1cpe:2.3:o:linux:linux_kernel:2.6.11.1:*:*:*:*:*:*:*
linuxlinux_kernel2.6.11.2cpe:2.3:o:linux:linux_kernel:2.6.11.2:*:*:*:*:*:*:*
Rows per page:
1-10 of 801

References

CVSS2

4.9

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:C/I:N/A:N

AI Score

5.8

Confidence

High

EPSS

0

Percentile

0.4%