CVE-2009-3228

Published: 19/10/2009 Updated: 07/11/2023
CVSS v2 Base Score: 2.1 | Impact Score: 2.9 | Exploitability Score: 3.9
VMScore: 188
Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Summary

The tc_fill_tclass function in net/sched/sch_api.c in the tc subsystem in the Linux kernel 2.4.x prior to 2.4.37.6 and 2.6.x prior to 2.6.31-rc9 does not initialize certain (1) tcm__pad1 and (2) tcm__pad2 structure members, which might allow local users to obtain sensitive information from kernel memory via unspecified vectors.
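The missing-initialization pattern described in the summary, shown as an added userspace example (not the kernel's code and not the upstream patch). The struct `tcmsg_model`, the `fill_*` helpers and the `STALE` marker are hypothetical names constructed for illustration, and zeroing the whole header with `memset` is one hardening pattern, assumed here rather than taken from the page.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Userspace model (assumption) of the tcmsg header; pad names are from the CVE text. */
struct tcmsg_model {
    unsigned char  tcm_family;
    unsigned char  tcm__pad1;
    unsigned short tcm__pad2;
    int32_t        tcm_ifindex;
    uint32_t       tcm_handle, tcm_parent, tcm_info;
};
#define STALE 0xAA /* constructed marker standing in for leftover memory contents */

/* Pre-fix pattern: named fields are set, the two pad members are never written. */
static void fill_unpatched(struct tcmsg_model *tcm, int32_t ifindex, uint32_t handle)
{
    tcm->tcm_family = 0;
    tcm->tcm_ifindex = ifindex;
    tcm->tcm_handle = handle;
    tcm->tcm_parent = 0;
    tcm->tcm_info = 0;
}

/* Hardened pattern: zero the whole header first, then set the meaningful fields. */
static void fill_patched(struct tcmsg_model *tcm, int32_t ifindex, uint32_t handle)
{
    memset(tcm, 0, sizeof(*tcm));
    tcm->tcm_ifindex = ifindex;
    tcm->tcm_handle = handle;
}

/* Count header bytes that still carry the stale marker after filling. */
static size_t stale_bytes(int patched)
{
    struct tcmsg_model msg;
    const unsigned char *p = (const unsigned char *)&msg;
    size_t i, n = 0;
    memset(&msg, STALE, sizeof(msg)); /* simulate a reused, non-zeroed buffer */
    (patched ? fill_patched : fill_unpatched)(&msg, 2, 0x10000);
    for (i = 0; i < sizeof(msg); i++)
        n += (p[i] == STALE);
    return n;
}

int main(void)
{
    printf("unpatched=%zu patched=%zu\n", stale_bytes(0), stale_bytes(1));
    return 0;
}
```

The three stale bytes in the unpatched case are `tcm__pad1` (one byte) and `tcm__pad2` (two bytes), which is the data a receiver of the message would see.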

Vulnerable Product

linux linux kernel 2.6.31

linux linux kernel

canonical ubuntu linux 9.04

canonical ubuntu linux 8.10

canonical ubuntu linux 9.10

canonical ubuntu linux 8.04

canonical ubuntu linux 6.06

redhat enterprise linux server 5.0

redhat enterprise linux workstation 5.0

redhat enterprise linux desktop 5.0

redhat enterprise linux eus 5.4

Vendor Advisories

It was discovered that the AX.25 network subsystem did not correctly check integer signedness in certain setsockopt calls. A local attacker could exploit this to crash the system, leading to a denial of service. Ubuntu 9.10 was not affected. (CVE-2009-2909) ...

Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, sensitive memory leak or privilege escalation. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2009-2846 Michael Buesch noticed a typing issue in the eisa-eeprom driver for the hppa architecture. Lo ...

References

CWE-909

http://www.openwall.com/lists/oss-security/2009/09/17/1
http://www.openwall.com/lists/oss-security/2009/09/06/2
http://www.openwall.com/lists/oss-security/2009/09/05/2
http://www.openwall.com/lists/oss-security/2009/09/17/9
http://patchwork.ozlabs.org/patch/32830/
http://www.openwall.com/lists/oss-security/2009/09/07/2
http://www.kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.37.6
http://www.kernel.org/pub/linux/kernel/v2.6/testing/v2.6.31/ChangeLog-2.6.31-rc9
http://www.openwall.com/lists/oss-security/2009/09/03/1
https://bugzilla.redhat.com/show_bug.cgi?id=520990
http://www.securitytracker.com/id?1023073
https://rhn.redhat.com/errata/RHSA-2009-1548.html
https://rhn.redhat.com/errata/RHSA-2009-1540.html
http://www.ubuntu.com/usn/usn-864-1
http://secunia.com/advisories/38834
http://www.vupen.com/english/advisories/2010/0528
http://lists.vmware.com/pipermail/security-announce/2010/000082.html
http://secunia.com/advisories/38794
http://www.mandriva.com/security/advisories?name=MDVSA-2010:198
http://www.redhat.com/support/errata/RHSA-2009-1522.html
http://secunia.com/advisories/37084
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9409
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6757
http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.4.37.y.git%3Ba=commit%3Bh=096ed17f20affc2db0e307658c69b67433992a7a
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=16ebb5e0b36ceadc8186f71d68b0c4fa4b6e781b
https://usn.ubuntu.com/864-1/
https://nvd.nist.gov