CVE-2008-2729
Published: June 30, 2008Last modified: November 10, 2023
Description
arch/x86_64/lib/copy_user.S in the Linux kernel before 2.6.19 on some AMD64 systems does not erase destination memory locations after an exception during kernel memory copy, which allows local users to obtain sensitive information.
Status
| Product | Release | Package | Status |
|---|---|---|---|
| Alpaquita Linux | 23 LTS | linux-lts | Not affected (6.1.50-r0) |
| Stream | linux-lts | Not affected (6.1.50-r0) |
References
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=3022d734a54cbd2b65eea9a024564821101b4a9a%3Bhp=f0f4c3432e5e1087b3a8c0e6bd4113d3c37497ff
- http://rhn.redhat.com/errata/RHSA-2008-0508.html
- http://secunia.com/advisories/30849
- http://secunia.com/advisories/30850
- http://secunia.com/advisories/31107
- http://secunia.com/advisories/31551
- http://secunia.com/advisories/31628
- http://www.debian.org/security/2008/dsa-1630
- http://www.mandriva.com/security/advisories?name=MDVSA-2008:174
- http://www.redhat.com/support/errata/RHSA-2008-0519.html
- http://www.redhat.com/support/errata/RHSA-2008-0585.html
- http://www.securityfocus.com/bid/29943
- http://www.securitytracker.com/id?1020364
- http://www.ubuntu.com/usn/usn-625-1
- https://bugzilla.redhat.com/show_bug.cgi?id=451271
- https://exchange.xforce.ibmcloud.com/vulnerabilities/43558
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11571