CVE-2008-2729

Sažetak

arch/x86_64/lib/copy_user.S in the Linux kernel before 2.6.19 on some AMD64 systems does not erase destination memory locations after an exception during kernel memory copy, which allows local users to obtain sensitive information.

Reference

https://bugzilla.redhat.com/show_bug.cgi?id=451271
http://rhn.redhat.com/errata/RHSA-2008-0508.html
http://www.redhat.com/support/errata/RHSA-2008-0519.html
http://www.securitytracker.com/id?1020364
http://secunia.com/advisories/30849
http://www.securityfocus.com/bid/29943
http://secunia.com/advisories/31107
http://www.mandriva.com/security/advisories?name=MDVSA-2008:174
http://secunia.com/advisories/30850
http://www.ubuntu.com/usn/usn-625-1
http://www.redhat.com/support/errata/RHSA-2008-0585.html
http://secunia.com/advisories/31628
http://www.debian.org/security/2008/dsa-1630
http://secunia.com/advisories/31551
https://exchange.xforce.ibmcloud.com/vulnerabilities/43558
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11571
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=3022d734a54cbd2b65eea9a024564821101b4a9a%3Bhp=f0f4c3432e5e1087b3a8c0e6bd4113d3c37497ff

CVSS

Base:	4.9
Impact:	6.9
Exploitability:	3.9

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	NONE	NONE

CVSS vektor

AV:L/AC:L/Au:N/C:C/I:N/A:N

Zadnje važnije ažuriranje

07-11-2023 - 02:02

Objavljeno

30-06-2008 - 22:41