[Forgot Password]
Login  Register Subscribe

30430

 
 

423868

 
 

247974

 
 

909

 
 

194654

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2009-2910Date: (C)2009-10-20   (M)2024-02-22


arch/x86/ia32/ia32entry.S in the Linux kernel before 2.6.31.4 on the x86_64 platform does not clear certain kernel registers before a return to user mode, which allows local users to read register values from an earlier process by switching an ia32 process to 64-bit mode.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 2.1
Exploit Score: 3.9
Impact Score: 2.9
 
CVSS V2 Metrics:
Access Vector: LOCAL
Access Complexity: LOW
Authentication: NONE
Confidentiality: PARTIAL
Integrity: NONE
Availability: NONE
  
Reference:
BID-36576
SECUNIA-36927
SECUNIA-37075
SECUNIA-37351
FEDORA-2009-10525
RHSA-2009:1540
RHSA-2009:1671
RHSA-2010:0046
RHSA-2010:0095
SUSE-SA:2009:054
SUSE-SA:2009:056
SUSE-SA:2010:012
USN-864-1
http://lkml.org/lkml/2009/10/1/164
http://marc.info/?l=oss-security&m=125442304214452&w=2
http://www.openwall.com/lists/oss-security/2009/10/02/1
http://marc.info/?l=oss-security&m=125444390112831&w=2
http://marc.info/?l=oss-security&m=125511635004768&w=2
http://git.kernel.org/?p=linux/kernel/git/x86/linux-2.6-tip.git%3Ba=commit%3Bh=24e35800cdc4350fc34e2bed37b608a9e13ab3b6
http://support.avaya.com/css/P8/documents/100073666
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.31.4
https://bugzilla.redhat.com/show_bug.cgi?id=526788
oval:org.mitre.oval:def:10823
oval:org.mitre.oval:def:7359

CWE    1
CWE-200
OVAL    15
oval:org.secpod.oval:def:202196
oval:org.secpod.oval:def:500393
oval:org.secpod.oval:def:700418
oval:org.secpod.oval:def:201720
...

© SecPod Technologies