Published: 20/10/2009 Updated: 13/02/2023

CVSS v2 Base Score: 2.1 | Impact Score: 2.9 | Exploitability Score: 3.9

VMScore: 189

Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N

arch/x86/ia32/ia32entry.S in the Linux kernel prior to 2.6.31.4 on the x86_64 platform does not clear certain kernel registers before a return to user mode, which allows local users to read register values from an earlier process by switching an ia32 process to 64-bit mode.

Vulnerable Product	Search on Vulmon	Subscribe to Product
linux linux kernel
suse linux enterprise server 9
opensuse opensuse 11.0
suse linux enterprise server 10
suse linux enterprise desktop 10
suse linux enterprise software development kit 10
suse linux enterprise debuginfo 10
canonical ubuntu linux 9.04
canonical ubuntu linux 8.10
canonical ubuntu linux 9.10
canonical ubuntu linux 8.04
canonical ubuntu linux 6.06
redhat enterprise linux server 5.0
redhat enterprise linux workstation 5.0
redhat enterprise linux desktop 5.0
redhat virtualization 5
redhat enterprise linux eus 5.4
fedoraproject fedora 10

Synopsis Important: kernel security and bug fix update Type/Severity Security Advisory: Important Topic Updated kernel packages that fix multiple security issues and several bugsare now available for Red Hat Enterprise Linux 4This update has been rated as having important security impact by the RedHat Secu ...

Synopsis Important: kernel security and bug fix update Type/Severity Security Advisory: Important Topic Updated kernel packages that fix multiple security issues and several bugsare now available for Red Hat Enterprise Linux 5This update has been rated as having important security impact by the RedHat Secu ...

It was discovered that the AX25 network subsystem did not correctly check integer signedness in certain setsockopt calls A local attacker could exploit this to crash the system, leading to a denial of service Ubuntu 910 was not affected (CVE-2009-2909) ...

Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, sensitive memory leak or privilege escalation The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2009-2846 Michael Buesch noticed a typing issue in the eisa-eeprom driver for the hppa architecture Lo ...

CWE-200 http://secunia.com/advisories/36927 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.31.4 https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00483.html http://marc.info/?l=oss-security&m=125444390112831&w=2 http://marc.info/?l=oss-security&m=125442304214452&w=2 http://secunia.com/advisories/37075 https://bugzilla.redhat.com/show_bug.cgi?id=526788 http://lkml.org/lkml/2009/10/1/164 http://marc.info/?l=oss-security&m=125511635004768&w=2 http://www.securityfocus.com/bid/36576 https://rhn.redhat.com/errata/RHSA-2009-1540.html http://www.openwall.com/lists/oss-security/2009/10/02/1 http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00007.html http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00005.html http://secunia.com/advisories/37351 http://www.redhat.com/support/errata/RHSA-2009-1671.html https://rhn.redhat.com/errata/RHSA-2010-0046.html https://rhn.redhat.com/errata/RHSA-2010-0095.html http://support.avaya.com/css/P8/documents/100073666 http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00005.html http://www.ubuntu.com/usn/usn-864-1 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7359 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10823 http://git.kernel.org/?p=linux/kernel/git/x86/linux-2.6-tip.git%3Ba=commit%3Bh=24e35800cdc4350fc34e2bed37b608a9e13ab3b6 https://access.redhat.com/errata/RHSA-2009:1671 https://nvd.nist.gov https://usn.ubuntu.com/864-1/

CVE-2009-2910

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect