Information Disclosure

2020-04-1000:22:56

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

4.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:C/I:N/A:N

JSON

kernel is vulnerable to information disclosure. A security flaw was found in the Linux kernel memory copy routines, when running on certain AMD64 systems. If an unsuccessful attempt to copy kernel memory from source to destination memory locations occurred, the copy routines did not zero the content at the destination memory location. This could allow a local unprivileged user to view potentially sensitive data.

CPENameOperatorVersion
kerneleq2.6.18__8.1.14.el5
kerneleq2.6.18__8.1.3.el5
kerneleq2.6.18__92.1.1.el5
kerneleq2.6.18__8.1.3.lspp.80.el5
kerneleq2.6.18__8.1.8.el5
kerneleq2.6.18__53.1.4.el5
kerneleq2.6.18__8.1.3.lspp.81.el5
kerneleq2.6.18__53.1.21.el5
kerneleq2.6.18__8.1.4.el5
kerneleq2.6.18__8.1.1.el5

Name	Operator	Version
kernel	eq	2.6.18__8.1.14.el5
kernel	eq	2.6.18__8.1.3.el5
kernel	eq	2.6.18__92.1.1.el5
kernel	eq	2.6.18__8.1.3.lspp.80.el5
kernel	eq	2.6.18__8.1.8.el5
kernel	eq	2.6.18__53.1.4.el5
kernel	eq	2.6.18__8.1.3.lspp.81.el5
kernel	eq	2.6.18__53.1.21.el5
kernel	eq	2.6.18__8.1.4.el5
kernel	eq	2.6.18__8.1.1.el5

Rows per page:

1-10 of 401

References

git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=3022d734a54cbd2b65eea9a024564821101b4a9a;hp=f0f4c3432e5e1087b3a8c0e6bd4113d3c37497ff

rhn.redhat.com/errata/RHSA-2008-0508.html

secunia.com/advisories/30849

secunia.com/advisories/30850

secunia.com/advisories/31107

secunia.com/advisories/31551

secunia.com/advisories/31628

www.debian.org/security/2008/dsa-1630

www.mandriva.com/security/advisories?name=MDVSA-2008:174

www.redhat.com/security/updates/classification/#important

www.redhat.com/support/errata/RHSA-2008-0519.html

www.redhat.com/support/errata/RHSA-2008-0585.html

www.securityfocus.com/bid/29943