Published: 30/09/2010 Updated: 13/02/2023

CVSS v2 Base Score: 2.1 | Impact Score: 2.9 | Exploitability Score: 3.9

VMScore: 187

Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N

The eql_g_master_cfg function in drivers/net/eql.c in the Linux kernel prior to 2.6.36-rc5 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via an EQL_GETMASTRCFG ioctl call.

Vulnerable Product	Search on Vulmon	Subscribe to Product
linux linux kernel 2.6.36
linux linux kernel
suse linux enterprise desktop 11
opensuse opensuse 11.1
suse linux enterprise server 11
suse linux enterprise real time extension 11
debian debian linux 5.0
canonical ubuntu linux 10.10
canonical ubuntu linux 9.10
canonical ubuntu linux 10.04
canonical ubuntu linux 6.06

Synopsis Moderate: kernel-rt security and bug fix update Type/Severity Security Advisory: Moderate Topic Updated kernel-rt packages that fix multiple security issues and upgradethe kernel-rt kernel to version 26337-rt29 are now available for Red HatEnterprise MRG 13The Red Hat Security Response Team ha ...

Multiple kernel flaws ...

Multiple vulnerabilities in Linux kernel ...

Multiple kernel flaws ...

An attacker could send crafted input to the kernel and cause it to crash ...

Multiple kernel flaws ...

Multiple kernel flaws have been fixed ...

Multiple security flaws in Linux kernel ...

Ubuntu Security Notice 1202-1 - Dan Rosenberg discovered that several network ioctls did not clear kernel memory correctly A local user could exploit this to read kernel stack memory, leading to a loss of privacy Brad Spengler discovered that stack memory for new a process was not correctly calculated A local attacker could exploit this to crash ...

CWE-909 http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.36-rc5 http://secunia.com/advisories/41440 https://bugzilla.redhat.com/show_bug.cgi?id=633145 http://www.openwall.com/lists/oss-security/2010/09/14/2 http://www.openwall.com/lists/oss-security/2010/09/14/7 http://lkml.org/lkml/2010/9/11/168 http://www.securityfocus.com/bid/43229 http://www.redhat.com/support/errata/RHSA-2010-0771.html http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00003.html http://www.debian.org/security/2010/dsa-2126 http://www.vupen.com/english/advisories/2011/0070 http://www.ubuntu.com/usn/USN-1041-1 http://secunia.com/advisories/42758 http://www.vupen.com/english/advisories/2011/0298 http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html http://secunia.com/advisories/43161 http://www.vupen.com/english/advisories/2011/0280 http://www.ubuntu.com/usn/USN-1057-1 http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00000.html http://www.mandriva.com/security/advisories?name=MDVSA-2011:051 http://git.kernel.org/?p=linux/kernel/git/davem/net-2.6.git%3Ba=commit%3Bh=44467187dc22fdd33a1a06ea0ba86ce20be3fe3c https://access.redhat.com/errata/RHSA-2010:0771 https://nvd.nist.gov https://usn.ubuntu.com/1072-1/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2010-3297

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

Exploits

References

Vulmon Search

About

Products

Connect