arch/x86/ia32/ia32entry.S in the Linux kernel before 2.6.31.4 on the x86_64 platform does not clear certain kernel registers before a return to user mode, which allows local users to read register values from an earlier process by switching an ia32 process to 64-bit mode.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
Configuration 5 (hide)
|
History
21 Nov 2024, 01:06
Type | Values Removed | Values Added |
---|---|---|
References | () http://git.kernel.org/?p=linux/kernel/git/x86/linux-2.6-tip.git%3Ba=commit%3Bh=24e35800cdc4350fc34e2bed37b608a9e13ab3b6 - | |
References | () http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00005.html - Mailing List, Third Party Advisory | |
References | () http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00007.html - Mailing List, Third Party Advisory | |
References | () http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00005.html - Mailing List, Third Party Advisory | |
References | () http://lkml.org/lkml/2009/10/1/164 - Patch, Third Party Advisory | |
References | () http://marc.info/?l=oss-security&m=125442304214452&w=2 - Third Party Advisory | |
References | () http://marc.info/?l=oss-security&m=125444390112831&w=2 - Third Party Advisory | |
References | () http://marc.info/?l=oss-security&m=125511635004768&w=2 - Third Party Advisory | |
References | () http://secunia.com/advisories/36927 - Third Party Advisory | |
References | () http://secunia.com/advisories/37075 - Third Party Advisory | |
References | () http://secunia.com/advisories/37351 - Third Party Advisory | |
References | () http://support.avaya.com/css/P8/documents/100073666 - Third Party Advisory | |
References | () http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.31.4 - Broken Link | |
References | () http://www.openwall.com/lists/oss-security/2009/10/02/1 - Mailing List, Third Party Advisory | |
References | () http://www.redhat.com/support/errata/RHSA-2009-1671.html - Third Party Advisory | |
References | () http://www.securityfocus.com/bid/36576 - Third Party Advisory, VDB Entry | |
References | () http://www.ubuntu.com/usn/usn-864-1 - Third Party Advisory | |
References | () https://bugzilla.redhat.com/show_bug.cgi?id=526788 - Issue Tracking, Patch, Third Party Advisory | |
References | () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10823 - Third Party Advisory | |
References | () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7359 - Third Party Advisory | |
References | () https://rhn.redhat.com/errata/RHSA-2009-1540.html - Third Party Advisory | |
References | () https://rhn.redhat.com/errata/RHSA-2010-0046.html - Third Party Advisory | |
References | () https://rhn.redhat.com/errata/RHSA-2010-0095.html - Third Party Advisory | |
References | () https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00483.html - Third Party Advisory |
Information
Published : 2009-10-20 17:30
Updated : 2024-11-21 01:06
NVD link : CVE-2009-2910
Mitre link : CVE-2009-2910
CVE.ORG link : CVE-2009-2910
JSON object : View
Products Affected
suse
- linux_enterprise_debuginfo
- linux_enterprise_server
- linux_enterprise_software_development_kit
- linux_enterprise_desktop
redhat
- virtualization
- enterprise_linux_workstation
- enterprise_linux_server
- enterprise_linux_eus
- enterprise_linux_desktop
opensuse
- opensuse
fedoraproject
- fedora
canonical
- ubuntu_linux
linux
- linux_kernel
CWE
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor