CVE-2008-2729

EPSS 0.06%
Published 30.06.2008 22:41:00
Last modified 09.04.2025 00:30:58
Source cve@mitre.org
Teams watchlist Login
Open Login

arch/x86_64/lib/copy_user.S in the Linux kernel before 2.6.19 on some AMD64 systems does not erase destination memory locations after an exception during kernel memory copy, which allows local users to obtain sensitive information.

Affected products Warnungen 0 Metrics 2 CWE 1 References 20

Data is provided by the National Vulnerability Database (NVD)

Linux ≫ Linux Kernel Version < 2.6.19

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.06%	0.193

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	4.9	3.9	6.9	AV:L/AC:L/Au:N/C:C/I:N/A:N

CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

http://secunia.com/advisories/31628

Broken Link

http://www.redhat.com/support/errata/RHSA-2008-0585.html

Broken Link

http://www.mandriva.com/security/advisories?name=MDVSA-2008:174

Broken Link

http://rhn.redhat.com/errata/RHSA-2008-0508.html

Third Party Advisory

http://secunia.com/advisories/30850

Broken Link

http://secunia.com/advisories/31107

Broken Link

http://www.ubuntu.com/usn/usn-625-1

Third Party Advisory

http://secunia.com/advisories/31551

Broken Link

http://www.debian.org/security/2008/dsa-1630

Third Party Advisory

http://secunia.com/advisories/30849

Broken Link

http://www.redhat.com/support/errata/RHSA-2008-0519.html

Broken Link

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=3022d734a54cbd2b65eea9a024564821101b4a9a%3Bhp=f0f4c3432e5e1087b3a8c0e6bd4113d3c37497ff

http://www.securityfocus.com/bid/29943

Third Party Advisory

VDB Entry

http://www.securitytracker.com/id?1020364

Third Party Advisory

VDB Entry

https://bugzilla.redhat.com/show_bug.cgi?id=451271

Third Party Advisory

Issue Tracking

https://exchange.xforce.ibmcloud.com/vulnerabilities/43558

Third Party Advisory

VDB Entry

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11571

Tool Signature

https://nvd.nist.gov/vuln/detail/CVE-2008-2729

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2008-2729

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2008-2729

EUVD