4.9 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:C/I:N/A:N
kernel is vulnerable to information disclosure. A security flaw was found in the Linux kernel memory copy routines, when running on certain AMD64 systems. If an unsuccessful attempt to copy kernel memory from source to destination memory locations occurred, the copy routines did not zero the content at the destination memory location. This could allow a local unprivileged user to view potentially sensitive data.
git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=3022d734a54cbd2b65eea9a024564821101b4a9a;hp=f0f4c3432e5e1087b3a8c0e6bd4113d3c37497ff
rhn.redhat.com/errata/RHSA-2008-0508.html
secunia.com/advisories/30849
secunia.com/advisories/30850
secunia.com/advisories/31107
secunia.com/advisories/31551
secunia.com/advisories/31628
www.debian.org/security/2008/dsa-1630
www.mandriva.com/security/advisories?name=MDVSA-2008:174
www.redhat.com/security/updates/classification/#important
www.redhat.com/support/errata/RHSA-2008-0519.html
www.redhat.com/support/errata/RHSA-2008-0585.html
www.securityfocus.com/bid/29943
www.securitytracker.com/id?1020364
www.ubuntu.com/usn/usn-625-1
access.redhat.com/errata/RHSA-2008:0519
bugzilla.redhat.com/show_bug.cgi?id=451271
exchange.xforce.ibmcloud.com/vulnerabilities/43558
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11571