CVE-2008-2729

EPSS 0.06%
Veröffentlicht 30.06.2008 22:41:00
Zuletzt bearbeitet 09.04.2025 00:30:58
Quelle cve@mitre.org
Teams Watchlist Login
Unerledigt Login

arch/x86_64/lib/copy_user.S in the Linux kernel before 2.6.19 on some AMD64 systems does not erase destination memory locations after an exception during kernel memory copy, which allows local users to obtain sensitive information.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 20

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Linux ≫ Linux Kernel Version < 2.6.19

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.06%	0.193

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	4.9	3.9	6.9	AV:L/AC:L/Au:N/C:C/I:N/A:N

CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

http://secunia.com/advisories/31628

Broken Link

http://www.redhat.com/support/errata/RHSA-2008-0585.html

Broken Link

http://www.mandriva.com/security/advisories?name=MDVSA-2008:174

Broken Link

http://rhn.redhat.com/errata/RHSA-2008-0508.html

Third Party Advisory

http://secunia.com/advisories/30850

Broken Link

http://secunia.com/advisories/31107

Broken Link

http://www.ubuntu.com/usn/usn-625-1

Third Party Advisory

http://secunia.com/advisories/31551

Broken Link

http://www.debian.org/security/2008/dsa-1630

Third Party Advisory

http://secunia.com/advisories/30849

Broken Link

http://www.redhat.com/support/errata/RHSA-2008-0519.html

Broken Link

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=3022d734a54cbd2b65eea9a024564821101b4a9a%3Bhp=f0f4c3432e5e1087b3a8c0e6bd4113d3c37497ff

http://www.securityfocus.com/bid/29943

Third Party Advisory

VDB Entry

http://www.securitytracker.com/id?1020364

Third Party Advisory

VDB Entry

https://bugzilla.redhat.com/show_bug.cgi?id=451271

Third Party Advisory

Issue Tracking

https://exchange.xforce.ibmcloud.com/vulnerabilities/43558

Third Party Advisory

VDB Entry

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11571

Tool Signature

https://nvd.nist.gov/vuln/detail/CVE-2008-2729

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2008-2729

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2008-2729

EUVD