Vulnerability in Linux Linux_kernel
CVE-2010-3876
net/packet/af_packet.c in the Linux kernel before 2.6.37-rc2 does not properly initialize certain structure members, which allows local users to obtain potentially sensitive information from kernel stack memory by leveraging the CAP_NET_RA…
EPSS: 0.001 (18.3th percentile) — read the EPSS interpretation.
Affected products
- Linux Linux_kernel — versions 2.6.37
- Debian Debian_linux — versions 5.0
- Opensuse — versions 11.3, 11.2
- Suse Linux_enterprise_desktop — versions 10
- Suse Linux_enterprise_real_time_extension — versions 11
- Suse Linux_enterprise_server — versions 10, 9
- Suse Linux_enterprise_software_development_kit — versions 10
- N/a — versions n/a
Weakness classification (CWE)
References
- 42789 (x_refsource_SECUNIA, Third Party Advisory, third-party-advisory)
- [oss-security] 20101102 Re: CVE request: kernel stack infoleaks (mailing-list, x_refsource_MLIST, Patch, Mailing List, Third Party Advisory)
- ADV-2011-0024 (Third Party Advisory, vdb-entry, x_refsource_VUPEN)
- RHSA-2011:0004 (x_refsource_REDHAT, vendor-advisory, Third Party Advisory)
- 20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console (mailing-list, x_refsource_BUGTRAQ, Third Party Advisory, VDB Entry)
- 46397 (x_refsource_SECUNIA, Third Party Advisory, third-party-advisory)
- [oss-security] 20101102 Re: CVE request: kernel stack infoleaks (mailing-list, x_refsource_MLIST, Mailing List, Third Party Advisory)
- secalert@redhat.com (x_refsource_CONFIRM, Broken Link)
- [oss-security] 20101104 Re: CVE request: kernel stack infoleaks (mailing-list, x_refsource_MLIST, Patch, Mailing List, Third Party Advisory)
- RHSA-2011:0007 (x_refsource_REDHAT, vendor-advisory, Third Party Advisory)