The tcf_fill_node function in net/sched/cls_api.c in the netlink subsystem in the Linux kernel 2.6.x prior to 2.6.32-rc5, and 2.4.37.6 and previous versions, does not initialize a certain tcm__pad2 structure member, which might allow local users to obtain sensitive information from kernel memory via unspecified vectors. NOTE: this issue exists because of an incomplete fix for CVE-2005-4881.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
linux linux kernel 2.6.32 |
||
linux linux kernel |
||
suse linux enterprise server 10 |
||
opensuse opensuse 11.0 |
||
suse linux enterprise desktop 10 |
||
suse linux enterprise software development kit 10 |
||
canonical ubuntu linux 9.04 |
||
canonical ubuntu linux 8.10 |
||
canonical ubuntu linux 9.10 |
||
canonical ubuntu linux 8.04 |
||
canonical ubuntu linux 6.06 |
||
fedoraproject fedora 10 |