Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
2.1
CVSSv2

CVE-2005-0400

Published: 02/05/2005 Updated: 03/10/2018
CVSS v2 Base Score: 2.1 | Impact Score: 2.9 | Exploitability Score: 3.9
VMScore: 187
Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N
Subscribe to Linux Kernel

Vulnerability Summary

The ext2_make_empty function call in the Linux kernel prior to 2.6.11.6 does not properly initialize memory when creating a block for a new directory entry, which allows local users to obtain potentially sensitive information by reading the block.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

linux linux kernel

Vendor Advisories

Ubuntu Security Notice: linux-source-2.6.8.1 vulnerabilities
Mathieu Lafon discovered an information leak in the ext2 file system driver When a new directory was created, the ext2 block written to disk was not initialized, so that previous memory contents (which could contain sensitive data like passwords) became visible on the raw device This is particularly important if the target device is removable and ...
Red Hat: Updated kernel packages available for Red Hat Enterprise Linux 3 Update 6
Synopsis Updated kernel packages available for Red Hat Enterprise Linux 3 Update 6 Type/Severity Security Advisory: Important Topic Updated kernel packages are now available as part of ongoing support andmaintenance of Red Hat Enterprise Linux version 3 This is the sixthregular updateThis security adviso ...
Red Hat: kernel security update
Synopsis kernel security update Type/Severity Security Advisory: Important Topic Updated kernel packages that fix several security issues are now availablefor Red Hat Enterprise Linux 4This update has been rated as having important security impact by the RedHat Security Response Team[Updated 9 August 2005 ...

References

NVD-CWE-Otherhttp://arkoon.net/advisories/ext2-make-empty-leak.txthttp://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.11.6http://secunia.com/advisories/14713/https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=152532http://www.redhat.com/support/errata/RHSA-2006-0190.htmlhttp://www.redhat.com/support/errata/RHSA-2006-0191.htmlhttp://secunia.com/advisories/18684http://www.redhat.com/support/errata/RHSA-2005-366.htmlhttp://www.redhat.com/support/errata/RHSA-2005-663.htmlhttp://secunia.com/advisories/17002http://www.securityfocus.com/bid/12932http://www.vupen.com/english/advisories/2005/1878http://marc.info/?l=bugtraq&m=111238764720696&w=2https://exchange.xforce.ibmcloud.com/vulnerabilities/19866https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10336https://usn.ubuntu.com/103-1/https://usn.ubuntu.com/103-1/https://nvd.nist.gov
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
deserializationCVE-2024-4040cross-site scriptingCVE-2023-25790CVE-2024-2961XML external entityCVE-2024-26926CVE-2024-32806CVE-2024-32711
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook