Vulnerabilities > CVE-2008-0598 - Information Exposure vulnerability in Linux Kernel 2.6.18/2.6.9
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Unspecified vulnerability in the 32-bit and 64-bit emulation in the Linux kernel 2.6.9, 2.6.18, and probably other versions allows local users to read uninitialized memory via unknown vectors involving a crafted binary.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| OS | 2 |
Common Weakness Enumeration (CWE)
Common Attack Pattern Enumeration and Classification (CAPEC)
- Subverting Environment Variable Values The attacker directly or indirectly modifies environment variables used by or controlling the target software. The attacker's goal is to cause the target software to deviate from its expected operation in a manner that benefits the attacker.
- Footprinting An attacker engages in probing and exploration activity to identify constituents and properties of the target. Footprinting is a general term to describe a variety of information gathering techniques, often used by attackers in preparation for some attack. It consists of using tools to learn as much as possible about the composition, configuration, and security mechanisms of the targeted application, system or network. Information that might be collected during a footprinting effort could include open ports, applications and their versions, network topology, and similar information. While footprinting is not intended to be damaging (although certain activities, such as network scans, can sometimes cause disruptions to vulnerable applications inadvertently) it may often pave the way for more damaging attacks.
- Exploiting Trust in Client (aka Make the Client Invisible) An attack of this type exploits a programs' vulnerabilities in client/server communication channel authentication and data integrity. It leverages the implicit trust a server places in the client, or more importantly, that which the server believes is the client. An attacker executes this type of attack by placing themselves in the communication channel between client and server such that communication directly to the server is possible where the server believes it is communicating only with a valid client. There are numerous variations of this type of attack.
- Browser Fingerprinting An attacker carefully crafts small snippets of Java Script to efficiently detect the type of browser the potential victim is using. Many web-based attacks need prior knowledge of the web browser including the version of browser to ensure successful exploitation of a vulnerability. Having this knowledge allows an attacker to target the victim with attacks that specifically exploit known or zero day weaknesses in the type and version of the browser used by the victim. Automating this process via Java Script as a part of the same delivery system used to exploit the browser is considered more efficient as the attacker can supply a browser fingerprinting method and integrate it with exploit code, all contained in Java Script and in response to the same web page request by the browser.
- Session Credential Falsification through Prediction This attack targets predictable session ID in order to gain privileges. The attacker can predict the session ID used during a transaction to perform spoofing and session hijacking.
Nessus
NASL family Debian Local Security Checks NASL id DEBIAN_DSA-1630.NASL description Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or arbitrary code execution. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2007-6282 Dirk Nehring discovered a vulnerability in the IPsec code that allows remote users to cause a denial of service by sending a specially crafted ESP packet. - CVE-2008-0598 Tavis Ormandy discovered a vulnerability that allows local users to access uninitialized kernel memory, possibly leaking sensitive data. This issue is specific to the amd64-flavour kernel images. - CVE-2008-2729 Andi Kleen discovered an issue where uninitialized kernel memory was being leaked to userspace during an exception. This issue may allow local users to gain access to sensitive data. Only the amd64-flavour Debian kernel images are affected. - CVE-2008-2812 Alan Cox discovered an issue in multiple tty drivers that allows local users to trigger a denial of service (NULL pointer dereference) and possibly obtain elevated privileges. - CVE-2008-2826 Gabriel Campana discovered an integer overflow in the sctp code that can be exploited by local users to cause a denial of service. - CVE-2008-2931 Miklos Szeredi reported a missing privilege check in the do_change_type() function. This allows local, unprivileged users to change the properties of mount points. - CVE-2008-3272 Tobias Klein reported a locally exploitable data leak in the snd_seq_oss_synth_make_info() function. This may allow local users to gain access to sensitive information. - CVE-2008-3275 Zoltan Sogor discovered a coding error in the VFS that allows local users to exploit a kernel memory leak resulting in a denial of service. last seen 2020-06-01 modified 2020-06-02 plugin id 34032 published 2008-08-24 reporter This script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/34032 title Debian DSA-1630-1 : linux-2.6 - denial of service/information leak NASL family SuSE Local Security Checks NASL id SUSE_KERNEL-7063.NASL description This SUSE Linux Enterprise 10 SP3 kernel update fixes a severe regression introduced by previous bugfix updates that would corrupt NFSv4 mounted data. The update also fixes several other bugs and following security issue : - drivers/net/r8169.c in the r8169 driver of Linux kernel 2.6.32.3 and earlier does not properly check the size of an Ethernet frame that exceeds the maximum transmission unit (MTU), which allows remote attackers to. (CVE-2009-4537) 1. cause a denial of service (temporary network outage) via a packet with a crafted size, in conjunction with certain packets containing A characters and certain packets containing E characters; or 2. cause a denial of service (system crash) via a packet with a crafted size, in conjunction with certain packets containing last seen 2020-06-01 modified 2020-06-02 plugin id 59149 published 2012-05-17 reporter This script is Copyright (C) 2012-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/59149 title SuSE 10 Security Update : the Linux kernel (x86_64) (ZYPP Patch Number 7063) NASL family VMware ESX Local Security Checks NASL id VMWARE_VMSA-2009-0014.NASL description a. Service Console update for DHCP and third-party library update for DHCP client. DHCP is an Internet-standard protocol by which a computer can be connected to a local network, ask to be given configuration information, and receive from a server enough information to configure itself as a member of that network. A stack-based buffer overflow in the script_write_params method in ISC DHCP dhclient allows remote DHCP servers to execute arbitrary code via a crafted subnet-mask option. The Common Vulnerabilities and Exposures Project (cve.mitre.org) has assigned the name CVE-2009-0692 to this issue. An insecure temporary file use flaw was discovered in the DHCP daemon last seen 2020-06-01 modified 2020-06-02 plugin id 42179 published 2009-10-19 reporter This script is Copyright (C) 2009-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/42179 title VMSA-2009-0014 : VMware ESX patches for DHCP, Service Console kernel, and JRE resolve multiple security issues NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2008-0508.NASL description From Red Hat Security Advisory 2008:0508 : Updated kernel packages that fix several security issues and a bug are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. The kernel packages contain the Linux kernel, the core of any Linux operating system. These updated packages fix the following security issues : * A security flaw was found in the Linux kernel memory copy routines, when running on certain AMD64 systems. If an unsuccessful attempt to copy kernel memory from source to destination memory locations occurred, the copy routines did not zero the content at the destination memory location. This could allow a local unprivileged user to view potentially sensitive data. (CVE-2008-2729, Important) * Alexey Dobriyan discovered a race condition in the Linux kernel process-tracing system call, ptrace. A local unprivileged user could use this flaw to cause a denial of service (kernel hang). (CVE-2008-2365, Important) * Tavis Ormandy discovered a deficiency in the Linux kernel 32-bit and 64-bit emulation. This could allow a local unprivileged user to prepare and run a specially crafted binary, which would use this deficiency to leak uninitialized and potentially sensitive data. (CVE-2008-0598, Important) * It was discovered that the Linux kernel handled string operations in the opposite way to the GNU Compiler Collection (GCC). This could allow a local unprivileged user to cause memory corruption. (CVE-2008-1367, Low) As well, these updated packages fix the following bug : * On systems with a large number of CPUs (more than 16), multiple applications calling the last seen 2020-06-01 modified 2020-06-02 plugin id 67703 published 2013-07-12 reporter This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/67703 title Oracle Linux 4 : kernel (ELSA-2008-0508) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2008-0508.NASL description Updated kernel packages that fix several security issues and a bug are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. The kernel packages contain the Linux kernel, the core of any Linux operating system. These updated packages fix the following security issues : * A security flaw was found in the Linux kernel memory copy routines, when running on certain AMD64 systems. If an unsuccessful attempt to copy kernel memory from source to destination memory locations occurred, the copy routines did not zero the content at the destination memory location. This could allow a local unprivileged user to view potentially sensitive data. (CVE-2008-2729, Important) * Alexey Dobriyan discovered a race condition in the Linux kernel process-tracing system call, ptrace. A local unprivileged user could use this flaw to cause a denial of service (kernel hang). (CVE-2008-2365, Important) * Tavis Ormandy discovered a deficiency in the Linux kernel 32-bit and 64-bit emulation. This could allow a local unprivileged user to prepare and run a specially crafted binary, which would use this deficiency to leak uninitialized and potentially sensitive data. (CVE-2008-0598, Important) * It was discovered that the Linux kernel handled string operations in the opposite way to the GNU Compiler Collection (GCC). This could allow a local unprivileged user to cause memory corruption. (CVE-2008-1367, Low) As well, these updated packages fix the following bug : * On systems with a large number of CPUs (more than 16), multiple applications calling the last seen 2020-06-01 modified 2020-06-02 plugin id 33376 published 2008-07-02 reporter This script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/33376 title RHEL 4 : kernel (RHSA-2008:0508) NASL family SuSE Local Security Checks NASL id SUSE_KERNEL-5566.NASL description This update of the SUSE Linux Enterprise 10 Service Pack 1 kernel contains lots of bugfixes and several security fixes : - Added missing capability checks in sbni_ioctl(). (CVE-2008-3525) - On AMD64 some string operations could leak kernel information into userspace. (CVE-2008-0598) - Added range checking in ASN.1 handling for the CIFS and SNMP NAT netfilter modules. (CVE-2008-1673) - Fixed range checking in the snd_seq OSS ioctl, which could be used to leak information from the kernel. (CVE-2008-3272) - Fixed a memory leak when looking up deleted directories which could be used to run the system out of memory. (CVE-2008-3275) - The do_change_type function in fs/namespace.c did not verify that the caller has the CAP_SYS_ADMIN capability, which allows local users to gain privileges or cause a denial of service by modifying the properties of a mountpoint. (CVE-2008-2931) - Various NULL ptr checks have been added to tty op functions, which might have been used by local attackers to execute code. We think that this affects only devices openable by root, so the impact is limited. (CVE-2008-2812) last seen 2020-06-01 modified 2020-06-02 plugin id 34331 published 2008-10-02 reporter This script is Copyright (C) 2008-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/34331 title SuSE 10 Security Update : the Linux Kernel (x86) (ZYPP Patch Number 5566) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2008-0519.NASL description Updated kernel packages that fix various security issues and a bug are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. The kernel packages contain the Linux kernel, the core of any Linux operating system. These updated packages fix the following security issues : * A security flaw was found in the Linux kernel memory copy routines, when running on certain AMD64 systems. If an unsuccessful attempt to copy kernel memory from source to destination memory locations occurred, the copy routines did not zero the content at the destination memory location. This could allow a local unprivileged user to view potentially sensitive data. (CVE-2008-2729, Important) * Tavis Ormandy discovered a deficiency in the Linux kernel 32-bit and 64-bit emulation. This could allow a local unprivileged user to prepare and run a specially crafted binary, which would use this deficiency to leak uninitialized and potentially sensitive data. (CVE-2008-0598, Important) * Brandon Edwards discovered a missing length validation check in the Linux kernel DCCP module reconciliation feature. This could allow a local unprivileged user to cause a heap overflow, gaining privileges for arbitrary code execution. (CVE-2008-2358, Moderate) As well, these updated packages fix the following bug : * Due to a regression, last seen 2020-06-01 modified 2020-06-02 plugin id 33377 published 2008-07-02 reporter This script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/33377 title RHEL 5 : kernel (RHSA-2008:0519) NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2008-0508.NASL description Updated kernel packages that fix several security issues and a bug are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. The kernel packages contain the Linux kernel, the core of any Linux operating system. These updated packages fix the following security issues : * A security flaw was found in the Linux kernel memory copy routines, when running on certain AMD64 systems. If an unsuccessful attempt to copy kernel memory from source to destination memory locations occurred, the copy routines did not zero the content at the destination memory location. This could allow a local unprivileged user to view potentially sensitive data. (CVE-2008-2729, Important) * Alexey Dobriyan discovered a race condition in the Linux kernel process-tracing system call, ptrace. A local unprivileged user could use this flaw to cause a denial of service (kernel hang). (CVE-2008-2365, Important) * Tavis Ormandy discovered a deficiency in the Linux kernel 32-bit and 64-bit emulation. This could allow a local unprivileged user to prepare and run a specially crafted binary, which would use this deficiency to leak uninitialized and potentially sensitive data. (CVE-2008-0598, Important) * It was discovered that the Linux kernel handled string operations in the opposite way to the GNU Compiler Collection (GCC). This could allow a local unprivileged user to cause memory corruption. (CVE-2008-1367, Low) As well, these updated packages fix the following bug : * On systems with a large number of CPUs (more than 16), multiple applications calling the last seen 2020-06-01 modified 2020-06-02 plugin id 33365 published 2008-07-02 reporter This script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/33365 title CentOS 4 : kernel (CESA-2008:0508) NASL family SuSE Local Security Checks NASL id SUSE_KERNEL-5608.NASL description This update of the SUSE Linux Enterprise 10 Service Pack 1 kernel contains lots of bugfixes and several security fixes : - Added missing capability checks in sbni_ioctl(). (CVE-2008-3525) - On AMD64 some string operations could leak kernel information into userspace. (CVE-2008-0598) - Added range checking in ASN.1 handling for the CIFS and SNMP NAT netfilter modules. (CVE-2008-1673) - Fixed range checking in the snd_seq OSS ioctl, which could be used to leak information from the kernel. (CVE-2008-3272) - Fixed a memory leak when looking up deleted directories which could be used to run the system out of memory. (CVE-2008-3275) - The do_change_type function in fs/namespace.c did not verify that the caller has the CAP_SYS_ADMIN capability, which allows local users to gain privileges or cause a denial of service by modifying the properties of a mountpoint. (CVE-2008-2931) - Various NULL ptr checks have been added to the tty ops functions, which might have been used by local attackers to execute code. We think that this affects only devices openable by root, so the impact is limited. (CVE-2008-2812) last seen 2020-06-01 modified 2020-06-02 plugin id 59131 published 2012-05-17 reporter This script is Copyright (C) 2012-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/59131 title SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 5608) NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2008-0973.NASL description Updated kernel packages that resolve several security issues and fix various bugs are now available for Red Hat Enterprise Linux 3. This update has been rated as having important security impact by the Red Hat Security Response Team. The kernel packages contain the Linux kernel, the core of any Linux operating system. This update addresses the following security issues : * Tavis Ormandy discovered a deficiency in the Linux kernel 32-bit and 64-bit emulation. This could allow a local, unprivileged user to prepare and run a specially crafted binary which would use this deficiency to leak uninitialized and potentially sensitive data. (CVE-2008-0598, Important) * a possible kernel memory leak was found in the Linux kernel Simple Internet Transition (SIT) INET6 implementation. This could allow a local, unprivileged user to cause a denial of service. (CVE-2008-2136, Important) * missing capability checks were found in the SBNI WAN driver which could allow a local user to bypass intended capability restrictions. (CVE-2008-3525, Important) * the do_truncate() and generic_file_splice_write() functions did not clear the setuid and setgid bits. This could allow a local, unprivileged user to obtain access to privileged information. (CVE-2008-4210, Important) * a buffer overflow flaw was found in Integrated Services Digital Network (ISDN) subsystem. A local, unprivileged user could use this flaw to cause a denial of service. (CVE-2007-6063, Moderate) * multiple NULL pointer dereferences were found in various Linux kernel network drivers. These drivers were missing checks for terminal validity, which could allow privilege escalation. (CVE-2008-2812, Moderate) * a deficiency was found in the Linux kernel virtual filesystem (VFS) implementation. This could allow a local, unprivileged user to attempt file creation within deleted directories, possibly causing a denial of service. (CVE-2008-3275, Moderate) This update also fixes the following bugs : * the incorrect kunmap function was used in nfs_xdr_readlinkres. kunmap() was used where kunmap_atomic() should have been. As a consequence, if an NFSv2 or NFSv3 server exported a volume containing a symlink which included a path equal to or longer than the local system last seen 2020-06-01 modified 2020-06-02 plugin id 35186 published 2008-12-17 reporter This script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/35186 title CentOS 3 : kernel (CESA-2008:0973) NASL family OracleVM Local Security Checks NASL id ORACLEVM_OVMSA-2008-2005.NASL description The remote OracleVM system is missing necessary patches to address critical security updates : - fix utrace dead_engine ops race - fix ptrace_attach leak - CVE-2007-5093: kernel PWC driver DoS - CVE-2007-6282: IPSec ESP kernel panics - CVE-2007-6712: kernel: infinite loop in highres timers (kernel hang) - CVE-2008-1615: kernel: ptrace: Unprivileged crash on x86_64 %cs corruption - CVE-2008-1294: kernel: setrlimit(RLIMIT_CPUINFO) with zero value doesn last seen 2020-06-01 modified 2020-06-02 plugin id 79447 published 2014-11-26 reporter This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/79447 title OracleVM 2.1 : kernel (OVMSA-2008-2005) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2008-0973.NASL description Updated kernel packages that resolve several security issues and fix various bugs are now available for Red Hat Enterprise Linux 3. This update has been rated as having important security impact by the Red Hat Security Response Team. The kernel packages contain the Linux kernel, the core of any Linux operating system. This update addresses the following security issues : * Tavis Ormandy discovered a deficiency in the Linux kernel 32-bit and 64-bit emulation. This could allow a local, unprivileged user to prepare and run a specially crafted binary which would use this deficiency to leak uninitialized and potentially sensitive data. (CVE-2008-0598, Important) * a possible kernel memory leak was found in the Linux kernel Simple Internet Transition (SIT) INET6 implementation. This could allow a local, unprivileged user to cause a denial of service. (CVE-2008-2136, Important) * missing capability checks were found in the SBNI WAN driver which could allow a local user to bypass intended capability restrictions. (CVE-2008-3525, Important) * the do_truncate() and generic_file_splice_write() functions did not clear the setuid and setgid bits. This could allow a local, unprivileged user to obtain access to privileged information. (CVE-2008-4210, Important) * a buffer overflow flaw was found in Integrated Services Digital Network (ISDN) subsystem. A local, unprivileged user could use this flaw to cause a denial of service. (CVE-2007-6063, Moderate) * multiple NULL pointer dereferences were found in various Linux kernel network drivers. These drivers were missing checks for terminal validity, which could allow privilege escalation. (CVE-2008-2812, Moderate) * a deficiency was found in the Linux kernel virtual filesystem (VFS) implementation. This could allow a local, unprivileged user to attempt file creation within deleted directories, possibly causing a denial of service. (CVE-2008-3275, Moderate) This update also fixes the following bugs : * the incorrect kunmap function was used in nfs_xdr_readlinkres. kunmap() was used where kunmap_atomic() should have been. As a consequence, if an NFSv2 or NFSv3 server exported a volume containing a symlink which included a path equal to or longer than the local system last seen 2020-06-01 modified 2020-06-02 plugin id 35190 published 2008-12-17 reporter This script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/35190 title RHEL 3 : kernel (RHSA-2008:0973) NASL family SuSE Local Security Checks NASL id SUSE_KERNEL-5565.NASL description This kernel security update fixes lots of bugs and some last seen 2020-06-01 modified 2020-06-02 plugin id 41534 published 2009-09-24 reporter This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/41534 title SuSE 10 Security Update : Linux Kernel (x86) (ZYPP Patch Number 5565) NASL family Misc. NASL id VMWARE_VMSA-2009-0014_REMOTE.NASL description The remote VMware ESX / ESXi host is missing a security-related patch. It is, therefore, affected by multiple vulnerabilities, including remote code execution vulnerabilities, in the following components : - ISC DHCP dhclient - Integrated Services Digital Network (ISDN) subsystem - Java Runtime Environment (JRE) - Java SE Development Kit (JDK) - Java SE Web Start - Linux kernel - Linux kernel 32-bit and 64-bit emulation - Linux kernel Simple Internet Transition INET6 - Linux kernel tty - Linux kernel virtual file system (VFS) - Red Hat dhcpd init script for DHCP - SBNI WAN driver last seen 2020-06-01 modified 2020-06-02 plugin id 89116 published 2016-03-03 reporter This script is Copyright (C) 2016-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/89116 title VMware ESX / ESXi Multiple Vulnerabilities (VMSA-2009-0014) (remote check) NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2008-0519.NASL description From Red Hat Security Advisory 2008:0519 : Updated kernel packages that fix various security issues and a bug are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. The kernel packages contain the Linux kernel, the core of any Linux operating system. These updated packages fix the following security issues : * A security flaw was found in the Linux kernel memory copy routines, when running on certain AMD64 systems. If an unsuccessful attempt to copy kernel memory from source to destination memory locations occurred, the copy routines did not zero the content at the destination memory location. This could allow a local unprivileged user to view potentially sensitive data. (CVE-2008-2729, Important) * Tavis Ormandy discovered a deficiency in the Linux kernel 32-bit and 64-bit emulation. This could allow a local unprivileged user to prepare and run a specially crafted binary, which would use this deficiency to leak uninitialized and potentially sensitive data. (CVE-2008-0598, Important) * Brandon Edwards discovered a missing length validation check in the Linux kernel DCCP module reconciliation feature. This could allow a local unprivileged user to cause a heap overflow, gaining privileges for arbitrary code execution. (CVE-2008-2358, Moderate) As well, these updated packages fix the following bug : * Due to a regression, last seen 2020-06-01 modified 2020-06-02 plugin id 67706 published 2013-07-12 reporter This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/67706 title Oracle Linux 5 : kernel (ELSA-2008-0519) NASL family Scientific Linux Local Security Checks NASL id SL_20080625_KERNEL_ON_SL5_X.NASL description These updated packages fix the following security issues : - A security flaw was found in the Linux kernel memory copy routines, when running on certain AMD64 systems. If an unsuccessful attempt to copy kernel memory from source to destination memory locations occurred, the copy routines did not zero the content at the destination memory location. This could allow a local unprivileged user to view potentially sensitive data. (CVE-2008-2729, Important) - Tavis Ormandy discovered a deficiency in the Linux kernel 32-bit and 64-bit emulation. This could allow a local unprivileged user to prepare and run a specially crafted binary, which would use this deficiency to leak uninitialized and potentially sensitive data. (CVE-2008-0598, Important) - Brandon Edwards discovered a missing length validation check in the Linux kernel DCCP module reconciliation feature. This could allow a local unprivileged user to cause a heap overflow, gaining privileges for arbitrary code execution. (CVE-2008-2358, Moderate) As well, these updated packages fix the following bug : - Due to a regression, last seen 2020-06-01 modified 2020-06-02 plugin id 60430 published 2012-08-01 reporter This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/60430 title Scientific Linux Security Update : kernel on SL5.x i386/x86_64 NASL family Scientific Linux Local Security Checks NASL id SL_20081216_KERNEL_ON_SL3_X.NASL description This update addresses the following security issues : - Tavis Ormandy discovered a deficiency in the Linux kernel 32-bit and 64-bit emulation. This could allow a local, unprivileged user to prepare and run a specially crafted binary which would use this deficiency to leak uninitialized and potentially sensitive data. (CVE-2008-0598, Important) - a possible kernel memory leak was found in the Linux kernel Simple Internet Transition (SIT) INET6 implementation. This could allow a local, unprivileged user to cause a denial of service. (CVE-2008-2136, Important) - missing capability checks were found in the SBNI WAN driver which could allow a local user to bypass intended capability restrictions. (CVE-2008-3525, Important) - the do_truncate() and generic_file_splice_write() functions did not clear the setuid and setgid bits. This could allow a local, unprivileged user to obtain access to privileged information. (CVE-2008-4210, Important) - a buffer overflow flaw was found in Integrated Services Digital Network (ISDN) subsystem. A local, unprivileged user could use this flaw to cause a denial of service. (CVE-2007-6063, Moderate) - multiple NULL pointer dereferences were found in various Linux kernel network drivers. These drivers were missing checks for terminal validity, which could allow privilege escalation. (CVE-2008-2812, Moderate) - a deficiency was found in the Linux kernel virtual filesystem (VFS) implementation. This could allow a local, unprivileged user to attempt file creation within deleted directories, possibly causing a denial of service. (CVE-2008-3275, Moderate) This update also fixes the following bugs : - the incorrect kunmap function was used in nfs_xdr_readlinkres. kunmap() was used where kunmap_atomic() should have been. As a consequence, if an NFSv2 or NFSv3 server exported a volume containing a symlink which included a path equal to or longer than the local system last seen 2020-06-01 modified 2020-06-02 plugin id 60507 published 2012-08-01 reporter This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/60507 title Scientific Linux Security Update : kernel on SL3.x i386/x86_64 NASL family Scientific Linux Local Security Checks NASL id SL_20080625_KERNEL_ON_SL4_X.NASL description These updated packages fix the following security issues : - A security flaw was found in the Linux kernel memory copy routines, when running on certain AMD64 systems. If an unsuccessful attempt to copy kernel memory from source to destination memory locations occurred, the copy routines did not zero the content at the destination memory location. This could allow a local unprivileged user to view potentially sensitive data. (CVE-2008-2729, Important) - Alexey Dobriyan discovered a race condition in the Linux kernel process-tracing system call, ptrace. A local unprivileged user could use this flaw to cause a denial of service (kernel hang). (CVE-2008-2365, Important) - Tavis Ormandy discovered a deficiency in the Linux kernel 32-bit and 64-bit emulation. This could allow a local unprivileged user to prepare and run a specially crafted binary, which would use this deficiency to leak uninitialized and potentially sensitive data. (CVE-2008-0598, Important) - It was discovered that the Linux kernel handled string operations in the opposite way to the GNU Compiler Collection (GCC). This could allow a local unprivileged user to cause memory corruption. (CVE-2008-1367, Low) As well, these updated packages fix the following bug : - On systems with a large number of CPUs (more than 16), multiple applications calling the last seen 2020-06-01 modified 2020-06-02 plugin id 60429 published 2012-08-01 reporter This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/60429 title Scientific Linux Security Update : kernel on SL4.x i386/x86_64 NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-637-1.NASL description It was discovered that there were multiple NULL pointer function dereferences in the Linux kernel terminal handling code. A local attacker could exploit this to execute arbitrary code as root, or crash the system, leading to a denial of service. (CVE-2008-2812) The do_change_type routine did not correctly validation administrative users. A local attacker could exploit this to block mount points or cause private mounts to be shared, leading to denial of service or a possible loss of privacy. (CVE-2008-2931) Tobias Klein discovered that the OSS interface through ALSA did not correctly validate the device number. A local attacker could exploit this to access sensitive kernel memory, leading to a denial of service or a loss of privacy. (CVE-2008-3272) Zoltan Sogor discovered that new directory entries could be added to already deleted directories. A local attacker could exploit this, filling up available memory and disk space, leading to a denial of service. (CVE-2008-3275) In certain situations, the fix for CVE-2008-0598 from USN-623-1 was causing infinite loops in the writev syscall. This update corrects the mistake. We apologize for the inconvenience. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 34048 published 2008-08-26 reporter Ubuntu Security Notice (C) 2008-2019 Canonical, Inc. / NASL script (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/34048 title Ubuntu 6.06 LTS / 7.04 / 7.10 / 8.04 LTS : linux, linux-source-2.6.15/20/22 vulnerabilities (USN-637-1) NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2008-0973.NASL description From Red Hat Security Advisory 2008:0973 : Updated kernel packages that resolve several security issues and fix various bugs are now available for Red Hat Enterprise Linux 3. This update has been rated as having important security impact by the Red Hat Security Response Team. The kernel packages contain the Linux kernel, the core of any Linux operating system. This update addresses the following security issues : * Tavis Ormandy discovered a deficiency in the Linux kernel 32-bit and 64-bit emulation. This could allow a local, unprivileged user to prepare and run a specially crafted binary which would use this deficiency to leak uninitialized and potentially sensitive data. (CVE-2008-0598, Important) * a possible kernel memory leak was found in the Linux kernel Simple Internet Transition (SIT) INET6 implementation. This could allow a local, unprivileged user to cause a denial of service. (CVE-2008-2136, Important) * missing capability checks were found in the SBNI WAN driver which could allow a local user to bypass intended capability restrictions. (CVE-2008-3525, Important) * the do_truncate() and generic_file_splice_write() functions did not clear the setuid and setgid bits. This could allow a local, unprivileged user to obtain access to privileged information. (CVE-2008-4210, Important) * a buffer overflow flaw was found in Integrated Services Digital Network (ISDN) subsystem. A local, unprivileged user could use this flaw to cause a denial of service. (CVE-2007-6063, Moderate) * multiple NULL pointer dereferences were found in various Linux kernel network drivers. These drivers were missing checks for terminal validity, which could allow privilege escalation. (CVE-2008-2812, Moderate) * a deficiency was found in the Linux kernel virtual filesystem (VFS) implementation. This could allow a local, unprivileged user to attempt file creation within deleted directories, possibly causing a denial of service. (CVE-2008-3275, Moderate) This update also fixes the following bugs : * the incorrect kunmap function was used in nfs_xdr_readlinkres. kunmap() was used where kunmap_atomic() should have been. As a consequence, if an NFSv2 or NFSv3 server exported a volume containing a symlink which included a path equal to or longer than the local system last seen 2020-06-01 modified 2020-06-02 plugin id 67763 published 2013-07-12 reporter This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/67763 title Oracle Linux 3 : kernel (ELSA-2008-0973) NASL family SuSE Local Security Checks NASL id SUSE9_12636.NASL description This update fixes various security issues and some bugs in the SUSE Linux Enterprise 9 kernel. The following security issues were fixed : - A crafted NFS write request might have caused a buffer overwrite, potentially causing a kernel crash. (CVE-2010-2521) - The x86_64 copy_to_user implementation might have leaked kernel memory depending on specific user buffer setups. (CVE-2008-0598) - drivers/net/r8169.c in the r8169 driver in the Linux kernel did not properly check the size of an Ethernet frame that exceeds the MTU, which allows remote attackers to (1) cause a denial of service (temporary network outage) via a packet with a crafted size, in conjunction with certain packets containing A characters and certain packets containing E characters; or (2) cause a denial of service (system crash) via a packet with a crafted size, in conjunction with certain packets containing last seen 2020-06-01 modified 2020-06-02 plugin id 48901 published 2010-08-27 reporter This script is Copyright (C) 2010-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/48901 title SuSE9 Security Update : Linux kernel (YOU Patch Number 12636) NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2008-0519.NASL description Updated kernel packages that fix various security issues and a bug are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. The kernel packages contain the Linux kernel, the core of any Linux operating system. These updated packages fix the following security issues : * A security flaw was found in the Linux kernel memory copy routines, when running on certain AMD64 systems. If an unsuccessful attempt to copy kernel memory from source to destination memory locations occurred, the copy routines did not zero the content at the destination memory location. This could allow a local unprivileged user to view potentially sensitive data. (CVE-2008-2729, Important) * Tavis Ormandy discovered a deficiency in the Linux kernel 32-bit and 64-bit emulation. This could allow a local unprivileged user to prepare and run a specially crafted binary, which would use this deficiency to leak uninitialized and potentially sensitive data. (CVE-2008-0598, Important) * Brandon Edwards discovered a missing length validation check in the Linux kernel DCCP module reconciliation feature. This could allow a local unprivileged user to cause a heap overflow, gaining privileges for arbitrary code execution. (CVE-2008-2358, Moderate) As well, these updated packages fix the following bug : * Due to a regression, last seen 2020-06-01 modified 2020-06-02 plugin id 43692 published 2010-01-06 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/43692 title CentOS 5 : kernel (CESA-2008:0519) NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-625-1.NASL description Dirk Nehring discovered that the IPsec protocol stack did not correctly handle fragmented ESP packets. A remote attacker could exploit this to crash the system, leading to a denial of service. (CVE-2007-6282) Johannes Bauer discovered that the 64bit kernel did not correctly handle hrtimer updates. A local attacker could request a large expiration value and cause the system to hang, leading to a denial of service. (CVE-2007-6712) Tavis Ormandy discovered that the ia32 emulation under 64bit kernels did not fully clear uninitialized data. A local attacker could read private kernel memory, leading to a loss of privacy. (CVE-2008-0598) Jan Kratochvil discovered that PTRACE did not correctly handle certain calls when running under 64bit kernels. A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2008-1615) Wei Wang discovered that the ASN.1 decoding routines in CIFS and SNMP NAT did not correctly handle certain length values. Remote attackers could exploit this to execute arbitrary code or crash the system. (CVE-2008-1673) Paul Marks discovered that the SIT interfaces did not correctly manage allocated memory. A remote attacker could exploit this to fill all available memory, leading to a denial of service. (CVE-2008-2136) David Miller and Jan Lieskovsky discovered that the Sparc kernel did not correctly range-check memory regions allocated with mmap. A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2008-2137) The sys_utimensat system call did not correctly check file permissions in certain situations. A local attacker could exploit this to modify the file times of arbitrary files which could lead to a denial of service. (CVE-2008-2148) Brandon Edwards discovered that the DCCP system in the kernel did not correctly check feature lengths. A remote attacker could exploit this to execute arbitrary code. (CVE-2008-2358) A race condition was discovered between ptrace and utrace in the kernel. A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2008-2365) The copy_to_user routine in the kernel did not correctly clear memory destination addresses when running on 64bit kernels. A local attacker could exploit this to gain access to sensitive kernel memory, leading to a loss of privacy. (CVE-2008-2729) The PPP over L2TP routines in the kernel did not correctly handle certain messages. A remote attacker could send a specially crafted packet that could crash the system or execute arbitrary code. (CVE-2008-2750) Gabriel Campana discovered that SCTP routines did not correctly check for large addresses. A local user could exploit this to allocate all available memory, leading to a denial of service. (CVE-2008-2826). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 33531 published 2008-07-17 reporter Ubuntu Security Notice (C) 2008-2019 Canonical, Inc. / NASL script (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/33531 title Ubuntu 6.06 LTS / 7.04 / 7.10 / 8.04 LTS : linux, linux-source-2.6.15/20/22 vulnerabilities (USN-625-1) NASL family SuSE Local Security Checks NASL id SUSE_KERNEL-5605.NASL description This kernel security update fixes lots of bugs and some last seen 2020-06-01 modified 2020-06-02 plugin id 59130 published 2012-05-17 reporter This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/59130 title SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 5605) NASL family SuSE Local Security Checks NASL id SUSE_KERNEL-7059.NASL description This SUSE Linux Enterprise 10 SP3 kernel update fixes a severe regression introduced by previous bugfix updates that would corrupt NFSv4 mounted data. The update also fixes several other bugs and following security issue : - drivers/net/r8169.c in the r8169 driver of Linux kernel 2.6.32.3 and earlier does not properly check the size of an Ethernet frame that exceeds the maximum transmission unit (MTU), which allows remote attackers to. (CVE-2009-4537) 1. cause a denial of service (temporary network outage) via a packet with a crafted size, in conjunction with certain packets containing A characters and certain packets containing E characters; or 2. cause a denial of service (system crash) via a packet with a crafted size, in conjunction with certain packets containing last seen 2020-06-01 modified 2020-06-02 plugin id 49871 published 2010-10-11 reporter This script is Copyright (C) 2010-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/49871 title SuSE 10 Security Update : Linux kernel (i386) (ZYPP Patch Number 7059)
Oval
accepted 2013-04-29T04:08:04.765-04:00 class vulnerability contributors name Aharon Chernin organization SCAP.com, LLC name Dragos Prisaca organization G2, Inc.
definition_extensions comment The operating system installed on the system is Red Hat Enterprise Linux 3 oval oval:org.mitre.oval:def:11782 comment CentOS Linux 3.x oval oval:org.mitre.oval:def:16651 comment The operating system installed on the system is Red Hat Enterprise Linux 4 oval oval:org.mitre.oval:def:11831 comment CentOS Linux 4.x oval oval:org.mitre.oval:def:16636 comment Oracle Linux 4.x oval oval:org.mitre.oval:def:15990 comment The operating system installed on the system is Red Hat Enterprise Linux 5 oval oval:org.mitre.oval:def:11414 comment The operating system installed on the system is CentOS Linux 5.x oval oval:org.mitre.oval:def:15802 comment Oracle Linux 5.x oval oval:org.mitre.oval:def:15459
description Unspecified vulnerability in the 32-bit and 64-bit emulation in the Linux kernel 2.6.9, 2.6.18, and probably other versions allows local users to read uninitialized memory via unknown vectors involving a crafted binary. family unix id oval:org.mitre.oval:def:10721 status accepted submitted 2010-07-09T03:56:16-04:00 title Unspecified vulnerability in the 32-bit and 64-bit emulation in the Linux kernel 2.6.9, 2.6.18, and probably other versions allows local users to read uninitialized memory via unknown vectors involving a crafted binary. version 27 accepted 2010-01-11T04:01:34.596-05:00 class vulnerability contributors name Michael Wood organization Hewlett-Packard definition_extensions comment VMware ESX Server 3.5.0 is installed oval oval:org.mitre.oval:def:5887 description Unspecified vulnerability in the 32-bit and 64-bit emulation in the Linux kernel 2.6.9, 2.6.18, and probably other versions allows local users to read uninitialized memory via unknown vectors involving a crafted binary. family unix id oval:org.mitre.oval:def:6201 status accepted submitted 2009-09-23T15:39:02.000-04:00 title Linux Kernel copy_user() IA32 Emulation Bug Discloses Information to Local Users version 4
Redhat
| advisories |
| ||||||||||||||||
| rpms |
|
Seebug
| bulletinFamily | exploit |
| description | BUGTRAQ ID: 29942 CVE ID:CVE-2008-0598 CNCVE ID:CNCVE-20080598 Linux是一款开放源代码的操作系统。 Linux 32和64位仿真模拟存在缺陷,本地攻击者可以利用漏洞构建特殊的程序,触发泄漏未初始化内存而导致敏感信息泄漏。 目前没有详细漏洞细节提供。 RedHat Enterprise Linux WS 4 RedHat Enterprise Linux ES 4 RedHat Enterprise Linux Desktop 5 client RedHat Enterprise Linux AS 4 RedHat Enterprise Linux Desktop version 4 RedHat Enterprise Linux 5 server Linux kernel 2.6.26 -rc6 Linux kernel 2.6.25 .5 Linux kernel 2.6.25 Linux kernel 2.6.25 Linux kernel 2.6.24 .2 Linux kernel 2.6.24 .1 Linux kernel 2.6.24 -rc5 Linux kernel 2.6.24 -rc4 Linux kernel 2.6.24 -rc3 Linux kernel 2.6.23 .7 Linux kernel 2.6.23 .6 Linux kernel 2.6.23 .5 Linux kernel 2.6.23 .4 Linux kernel 2.6.23 .3 Linux kernel 2.6.23 .2 Linux kernel 2.6.23 -rc2 Linux kernel 2.6.23 -rc1 Linux kernel 2.6.23 Linux kernel 2.6.22 7 Linux kernel 2.6.22 1 Linux kernel 2.6.22 .8 Linux kernel 2.6.22 .6 Linux kernel 2.6.22 .5 Linux kernel 2.6.22 .4 Linux kernel 2.6.22 .3 Linux kernel 2.6.22 .17 Linux kernel 2.6.22 .16 Linux kernel 2.6.22 .15 Linux kernel 2.6.22 .14 Linux kernel 2.6.22 .13 Linux kernel 2.6.22 .12 Linux kernel 2.6.22 .11 Linux kernel 2.6.22 Linux kernel 2.6.22 Linux kernel 2.6.21 4 Linux kernel 2.6.21 .7 Linux kernel 2.6.21 .6 Linux kernel 2.6.21 .2 Linux kernel 2.6.21 .1 Linux kernel 2.6.21 Linux kernel 2.6.21 Linux kernel 2.6.21 Linux kernel 2.6.20 .9 Linux kernel 2.6.20 .8 Linux kernel 2.6.20 .5 Linux kernel 2.6.20 .4 Linux kernel 2.6.20 .15 Linux kernel 2.6.20 Linux kernel 2.6.20 Linux kernel 2.6.19 1 Linux kernel 2.6.19 .2 Linux kernel 2.6.19 .1 Linux kernel 2.6.19 -rc4 Linux kernel 2.6.19 -rc3 Linux kernel 2.6.19 -rc2 + Trustix Secure Enterprise Linux 2.0 + Trustix Secure Linux 2.2 + Trustix Secure Linux 2.1 + Trustix Secure Linux 2.0 Linux kernel 2.6.19 -rc1 Linux kernel 2.6.19 Linux kernel 2.6.18 .4 Linux kernel 2.6.18 .3 Linux kernel 2.6.18 .1 Linux kernel 2.6.18 Linux kernel 2.6.17 .8 Linux kernel 2.6.17 .7 Linux kernel 2.6.17 .6 Linux kernel 2.6.17 .5 Linux kernel 2.6.17 .3 Linux kernel 2.6.17 .2 Linux kernel 2.6.17 .14 Linux kernel 2.6.17 .13 Linux kernel 2.6.17 .12 Linux kernel 2.6.17 .11 Linux kernel 2.6.17 .10 Linux kernel 2.6.17 .1 Linux kernel 2.6.17 -rc5 Linux kernel 2.6.17 Linux kernel 2.6.17 Linux kernel 2.6.17 Linux kernel 2.6.17 Linux kernel 2.6.17 Linux kernel 2.6.17 Linux kernel 2.6.16 27 Linux kernel 2.6.16 13 Linux kernel 2.6.16 .9 Linux kernel 2.6.16 .7 Linux kernel 2.6.16 .23 Linux kernel 2.6.16 .19 Linux kernel 2.6.16 .12 Linux kernel 2.6.16 .11 Linux kernel 2.6.16 .1 Linux kernel 2.6.16 -rc1 Linux kernel 2.6.16 Linux kernel 2.6.16 Linux kernel 2.6.16 Linux kernel 2.6.16 Linux kernel 2.6.16 Linux kernel 2.6.16 Linux kernel 2.6.16 Linux kernel 2.6.16 Linux kernel 2.6.16 Linux kernel 2.6.16 Linux kernel 2.6.16 Linux kernel 2.6.15 .4 Linux kernel 2.6.15 .3 Linux kernel 2.6.15 .2 Linux kernel 2.6.15 .1 Linux kernel 2.6.15 -rc3 Linux kernel 2.6.15 -rc2 Linux kernel 2.6.15 -rc1 Linux kernel 2.6.15 Linux kernel 2.6.15 Linux kernel 2.6.15 Linux kernel 2.6.15 Linux kernel 2.6.15 Linux kernel 2.6.15 + Trustix Secure Enterprise Linux 2.0 + Trustix Secure Linux 2.2 + Trustix Secure Linux 2.1 + Trustix Secure Linux 2.0 Linux kernel 2.6.14 .5 Linux kernel 2.6.14 .4 Linux kernel 2.6.14 .3 Linux kernel 2.6.14 .2 Linux kernel 2.6.14 .1 Linux kernel 2.6.14 -rc4 Linux kernel 2.6.14 -rc3 Linux kernel 2.6.14 -rc2 Linux kernel 2.6.14 -rc1 Linux kernel 2.6.14 Linux kernel 2.6.14 Linux kernel 2.6.13 .4 Linux kernel 2.6.13 .3 Linux kernel 2.6.13 .2 Linux kernel 2.6.13 .1 Linux kernel 2.6.13 -rc7 Linux kernel 2.6.13 -rc6 Linux kernel 2.6.13 -rc4 Linux kernel 2.6.13 -rc1 Linux kernel 2.6.13 Linux kernel 2.6.13 + Trustix Secure Enterprise Linux 2.0 + Trustix Secure Linux 2.2 + Trustix Secure Linux 2.1 + Trustix Secure Linux 2.0 Linux kernel 2.6.12 .6 Linux kernel 2.6.12 .5 Linux kernel 2.6.12 .4 Linux kernel 2.6.12 .3 Linux kernel 2.6.12 .22 Linux kernel 2.6.12 .2 Linux kernel 2.6.12 .12 Linux kernel 2.6.12 .1 Linux kernel 2.6.12 -rc5 Linux kernel 2.6.12 -rc4 Linux kernel 2.6.12 -rc1 Linux kernel 2.6.12 Linux kernel 2.6.12 Linux kernel 2.6.11 .8 Linux kernel 2.6.11 .7 Linux kernel 2.6.11 .6 Linux kernel 2.6.11 .5 Linux kernel 2.6.11 .4 Linux kernel 2.6.11 .12 Linux kernel 2.6.11 .11 Linux kernel 2.6.11 -rc4 Linux kernel 2.6.11 -rc3 Linux kernel 2.6.11 -rc2 Linux kernel 2.6.11 Linux kernel 2.6.11 Linux kernel 2.6.10 rc2 Linux kernel 2.6.10 Linux kernel 2.6.10 Linux kernel 2.6.9 Linux kernel 2.6.8 rc3 Linux kernel 2.6.8 rc2 Linux kernel 2.6.8 rc1 + Ubuntu Ubuntu Linux 4.1 ppc + Ubuntu Ubuntu Linux 4.1 ia64 + Ubuntu Ubuntu Linux 4.1 ia32 Linux kernel 2.6.8 Linux kernel 2.6.7 rc1 Linux kernel 2.6.7 Linux kernel 2.6.6 rc1 Linux kernel 2.6.6 Linux kernel 2.6.5 Linux kernel 2.6.4 Linux kernel 2.6.3 Linux kernel 2.6.2 Linux kernel 2.6.1 -rc2 Linux kernel 2.6.1 -rc1 Linux kernel 2.6.1 Linux kernel 2.6 .10 Linux kernel 2.6 -test9-CVS Linux kernel 2.6 -test9 Linux kernel 2.6 -test8 Linux kernel 2.6 -test7 Linux kernel 2.6 -test6 Linux kernel 2.6 -test5 Linux kernel 2.6 -test4 Linux kernel 2.6 -test3 Linux kernel 2.6 -test2 Linux kernel 2.6 -test11 Linux kernel 2.6 -test10 Linux kernel 2.6 -test1 Linux kernel 2.6 Linux kernel 2.4.36 5 Linux kernel 2.4.36 4 Linux kernel 2.4.36 1 Linux kernel 2.4.36 .4 Linux kernel 2.4.36 Linux kernel 2.4.35 3 Linux kernel 2.4.34 Linux kernel 2.4.34 Linux kernel 2.4.34 Linux kernel 2.4.33 2 Linux kernel 2.4.33 .7 Linux kernel 2.4.33 .6 Linux kernel 2.4.33 .6 Linux kernel 2.4.33 .5 Linux kernel 2.4.33 .4 Linux kernel 2.4.33 .3 Linux kernel 2.4.33 .3 Linux kernel 2.4.33 -pre1 Linux kernel 2.4.33 Linux kernel 2.4.33 Linux kernel 2.4.32 -pre2 Linux kernel 2.4.32 -pre1 Linux kernel 2.4.32 Linux kernel 2.4.31 -pre1 Linux kernel 2.4.31 Linux kernel 2.4.30 rc3 Linux kernel 2.4.30 rc2 Linux kernel 2.4.30 Linux kernel 2.4.29 -rc2 Linux kernel 2.4.29 -rc1 Linux kernel 2.4.29 Linux kernel 2.4.28 Linux kernel 2.4.27 -pre5 Linux kernel 2.4.27 -pre4 Linux kernel 2.4.27 -pre3 Linux kernel 2.4.27 -pre2 Linux kernel 2.4.27 -pre1 Linux kernel 2.4.27 Linux kernel 2.4.26 Linux kernel 2.4.25 Linux kernel 2.4.24 -ow1 Linux kernel 2.4.24 Linux kernel 2.4.23 -pre9 Linux kernel 2.4.23 -ow2 Linux kernel 2.4.23 Linux kernel 2.4.22 Linux kernel 2.4.21 pre7 Linux kernel 2.4.21 pre4 Linux kernel 2.4.21 pre1 Linux kernel 2.4.21 + Conectiva Linux 9.0 + MandrakeSoft Linux Mandrake 9.1 ppc + MandrakeSoft Linux Mandrake 9.1 + RedHat Desktop 3.0 + RedHat Enterprise Linux AS 3 + RedHat Enterprise Linux ES 3 + RedHat Enterprise Linux WS 3 + S.u.S.E. Linux Enterprise Server 8 + S.u.S.E. Linux Personal 9.0 x86_64 + S.u.S.E. Linux Personal 9.0 Linux kernel 2.4.20 Linux kernel 2.4.19 -pre6 Linux kernel 2.4.19 -pre5 Linux kernel 2.4.19 -pre4 Linux kernel 2.4.19 -pre3 Linux kernel 2.4.19 -pre2 Linux kernel 2.4.19 -pre1 Linux kernel 2.4.19 Linux kernel 2.4.18 pre-8 Linux kernel 2.4.18 pre-7 Linux kernel 2.4.18 pre-6 Linux kernel 2.4.18 pre-5 Linux kernel 2.4.18 pre-4 Linux kernel 2.4.18 pre-3 Linux kernel 2.4.18 pre-2 Linux kernel 2.4.18 pre-1 Linux kernel 2.4.18 x86 Linux kernel 2.4.18 Linux kernel 2.4.17 Linux kernel 2.4.16 Linux kernel 2.4.15 Linux kernel 2.4.14 Linux kernel 2.4.13 Linux kernel 2.4.12 + Conectiva Linux 7.0 Linux kernel 2.4.11 Linux kernel 2.4.10 Linux kernel 2.4.9 Linux kernel 2.4.8 Linux kernel 2.4.7 Linux kernel 2.4.6 Linux kernel 2.4.5 + Slackware Linux 8.0 Linux kernel 2.4.4 Linux kernel 2.4.3 Linux kernel 2.4.2 Linux kernel 2.4.1 Linux kernel 2.4 .0-test9 Linux kernel 2.4 .0-test8 Linux kernel 2.4 .0-test7 Linux kernel 2.4 .0-test6 Linux kernel 2.4 .0-test5 Linux kernel 2.4 .0-test4 Linux kernel 2.4 .0-test3 Linux kernel 2.4 .0-test2 Linux kernel 2.4 .0-test12 Linux kernel 2.4 .0-test11 Linux kernel 2.4 .0-test10 Linux kernel 2.4 .0-test1 Linux kernel 2.4 Linux kernel 2.6.8.1 + S.u.S.E. Linux Personal 9.2 x86_64 + S.u.S.E. Linux Personal 9.2 + Ubuntu Ubuntu Linux 4.1 ppc + Ubuntu Ubuntu Linux 4.1 ia64 + Ubuntu Ubuntu Linux 4.1 ia32 Linux kernel 2.6.26-rc5-git1 Linux kernel 2.6.25.4 Linux kernel 2.6.25.3 Linux kernel 2.6.25.2 Linux kernel 2.6.25.1 Linux kernel 2.6.24.6 Linux kernel 2.6.24-rc2 Linux kernel 2.6.24-rc1 Linux kernel 2.6.23.14 Linux kernel 2.6.23.10 Linux kernel 2.6.23.1 Linux kernel 2.6.23.09 Linux kernel 2.6.22-rc7 Linux kernel 2.6.22-rc1 Linux kernel 2.6.21-RC6 Linux kernel 2.6.21-RC5 Linux kernel 2.6.21-RC4 Linux kernel 2.6.21-RC3 Linux kernel 2.6.21-RC3 Linux kernel 2.6.20.3 Linux kernel 2.6.20.2 Linux kernel 2.6.20.13 Linux kernel 2.6.20.11 Linux kernel 2.6.20.1 Linux kernel 2.6.20-rc2 Linux kernel 2.6.20-2 Linux kernel 2.6.18-8.1.8.el5 Linux kernel 2.6.18-53 Linux kernel 2.6.18 Linux kernel 2.6.15.5 Linux kernel 2.6.15.11 Linux kernel 2.6.15-27.48 Linux kernel 2.6.11.4 Linux kernel 2.4.36.6 Linux kernel 2.4.36.5 Linux kernel 2.4.34.6 Linux kernel 2.4.34.5 Linux kernel 2.4.34.3 Linux kernel 2.4.33.5 Linux kernel 2.4.33.4 可参考如下安全公告获得补丁信息: <a href=http://rhn.redhat.com/errata/RHSA-2008-0508.html target=_blank>http://rhn.redhat.com/errata/RHSA-2008-0508.html</a> <a href=http://rhn.redhat.com/errata/RHSA-2008-0519.html target=_blank>http://rhn.redhat.com/errata/RHSA-2008-0519.html</a> |
| id | SSV:3495 |
| last seen | 2017-11-19 |
| modified | 2008-06-29 |
| published | 2008-06-29 |
| reporter | Root |
| title | Linux Kernel 32-bit/64bit仿真本地信息泄漏漏洞 |
References
- http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00000.html
- http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00000.html
- http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00001.html
- http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00001.html
- http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00003.html
- http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00003.html
- http://rhn.redhat.com/errata/RHSA-2008-0508.html
- http://rhn.redhat.com/errata/RHSA-2008-0508.html
- http://secunia.com/advisories/30849
- http://secunia.com/advisories/30849
- http://secunia.com/advisories/30850
- http://secunia.com/advisories/30850
- http://secunia.com/advisories/31107
- http://secunia.com/advisories/31107
- http://secunia.com/advisories/31551
- http://secunia.com/advisories/31551
- http://secunia.com/advisories/32103
- http://secunia.com/advisories/32103
- http://secunia.com/advisories/32104
- http://secunia.com/advisories/32104
- http://secunia.com/advisories/33201
- http://secunia.com/advisories/33201
- http://secunia.com/advisories/33586
- http://secunia.com/advisories/33586
- http://www.debian.org/security/2008/dsa-1630
- http://www.debian.org/security/2008/dsa-1630
- http://www.mandriva.com/security/advisories?name=MDVSA-2008:220
- http://www.mandriva.com/security/advisories?name=MDVSA-2008:220
- http://www.redhat.com/support/errata/RHSA-2008-0519.html
- http://www.redhat.com/support/errata/RHSA-2008-0519.html
- http://www.redhat.com/support/errata/RHSA-2008-0973.html
- http://www.redhat.com/support/errata/RHSA-2008-0973.html
- http://www.redhat.com/support/errata/RHSA-2009-0009.html
- http://www.redhat.com/support/errata/RHSA-2009-0009.html
- http://www.securityfocus.com/bid/29942
- http://www.securityfocus.com/bid/29942
- http://www.securitytracker.com/id?1020367
- http://www.securitytracker.com/id?1020367
- http://www.ubuntu.com/usn/usn-625-1
- http://www.ubuntu.com/usn/usn-625-1
- https://bugzilla.redhat.com/show_bug.cgi?id=433938
- https://bugzilla.redhat.com/show_bug.cgi?id=433938
- https://exchange.xforce.ibmcloud.com/vulnerabilities/43554
- https://exchange.xforce.ibmcloud.com/vulnerabilities/43554
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10721
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10721
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6201
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6201