RootSSV:12509

HistoryOct 22, 2009 - 12:00 a.m.

Linux Kernel tcf_fill_node函数本地信息泄露漏洞

2009-10-2200:00:00

Root

www.seebug.org

0.0004 Low

EPSS

Percentile

8.6%

JSON

CVE ID: CVE-2009-3612

Linux Kernel是开放源码操作系统Linux所使用的内核。

Linux Kernel netlink子系统中net/sched/cls_api.c文件的tcf_fill_node函数没有初始化某些tcm__pad2结构成员，这允许本地用户从内核内存获取敏感信息。

Linux kernel 2.6.x
Linux kernel 2.4.x
厂商补丁：

Linux

目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载：

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff_plain;h=ad61df918c44316940404891d5082c63e79c256a

veracode 1

prion 1

cve 1

ubuntucve 1

nessus 36

redhat 4

centos 2

oraclelinux 2

openvas 44

fedora 9

securityvulns 2

debian 3

osv 3

suse 4

ubuntu 1

vmware 4

veracode

Information Disclosure

2020-04-10 00:40:06

prion

Code injection

2009-10-19 20:00:00

cve

CVE-2009-3612

2009-10-19 20:00:00

ubuntucve

CVE-2009-3612

2009-10-19 00:00:00

nessus

CentOS 4 : kernel (CESA-2009:1522)

2009-10-27 00:00:00

RHEL 4 : kernel (RHSA-2009:1522)

2009-10-23 00:00:00

Oracle Linux 4 : kernel (ELSA-2009-1522)

2013-07-12 00:00:00

redhat

(RHSA-2009:1522) Moderate: kernel security and bug fix update

2009-10-22 00:00:00

(RHSA-2009:1670) Important: kernel security and bug fix update

2009-12-15 00:00:00

(RHSA-2009:1540) Important: kernel-rt security, bug fix, and enhancement update

2009-11-03 00:00:00

centos

kernel security update

2009-10-26 14:31:26

kernel security update

2009-12-17 12:56:30

oraclelinux

kernel security and bug fix update

2009-10-22 00:00:00

kernel security and bug fix update

2009-12-16 00:00:00

openvas

RedHat Security Advisory RHSA-2009:1670

2009-12-30 00:00:00

CentOS Update for kernel CESA-2009:1670 centos5 i386

2011-08-09 00:00:00

CentOS Security Advisory CESA-2009:1670 (kernel)

2009-12-30 00:00:00

fedora

[SECURITY] Fedora 11 Update: kernel-2.6.30.9-90.fc11

2009-10-27 06:48:07

[SECURITY] Fedora 11 Update: kernel-2.6.30.9-96.fc11

2009-11-06 00:03:20

[SECURITY] Fedora 11 Update: kernel-2.6.30.9-102.fc11

2009-12-07 07:27:49

securityvulns

[SECURITY] [DSA 1927-1] New Linux 2.6.26 packages fix several vulnerabilities

2009-11-08 00:00:00

Linux kernel multiple security vulnerabilities

2009-11-08 00:00:00

debian

[SECURITY] [DSA 1927-1] New Linux 2.6.26 packages fix several vulnerabilities

2009-11-05 16:21:03

[SECURITY] [DSA 1929-1] New Linux 2.6.18 packages fix several vulnerabilities

2009-11-06 00:51:43

[SECURITY] [DSA 1928-1] New Linux 2.6.24 packages fix several vulnerabilities

2009-11-05 22:03:48

osv

linux-2.6 - several vulnerabilities

2009-11-05 00:00:00

linux-2.6 - several vulnerabilities

2009-11-05 00:00:00

linux-2.6.24 - several vulnerabilities

2009-11-05 00:00:00

suse

remote denial of service in kernel

2009-12-02 17:15:31

remote denial of service in kernel

2009-12-14 18:08:07

remote denial of service in kernel

2009-12-22 18:28:49

ubuntu

Linux kernel vulnerabilities

2009-12-05 00:00:00

vmware

ESX Service Console and vMA third party updates

2010-03-03 00:00:00

ESX Service Console and vMA third party updates

2010-03-03 00:00:00

ESXi utilities and ESX Service Console third party updates

2010-05-27 00:00:00

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

0.0004 Low

EPSS

Percentile

8.6%

JSON

Related for SSV:12509