4.9

CVE-2009-2847

The do_sigaltstack function in kernel/signal.c in Linux kernel 2.4 through 2.4.37 and 2.6 before 2.6.31-rc5, when running on 64-bit systems, does not clear certain padding bytes from a structure, which allows local users to obtain sensitive information from the kernel stack via the sigaltstack function.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxKernel Version2.6.24.7
   LinuxLinux Editionx64
LinuxKernel Version2.6.25.15
   LinuxLinux Editionx64
LinuxLinux Kernel Update-rc5 Version <= 2.6.16.31
   LinuxLinux Editionx64
LinuxLinux Kernel Version2.6
   LinuxLinux Editionx64
LinuxLinux Kernel Version2.6.0
   LinuxLinux Editionx64
LinuxLinux Kernel Version2.6.1
   LinuxLinux Editionx64
LinuxLinux Kernel Version2.6.10
   LinuxLinux Editionx64
LinuxLinux Kernel Version2.6.11
   LinuxLinux Editionx64
LinuxLinux Kernel Version2.6.11.1
   LinuxLinux Editionx64
LinuxLinux Kernel Version2.6.11.2
   LinuxLinux Editionx64
LinuxLinux Kernel Version2.6.11.3
   LinuxLinux Editionx64
LinuxLinux Kernel Version2.6.11.4
   LinuxLinux Editionx64
LinuxLinux Kernel Version2.6.11.5
   LinuxLinux Editionx64
LinuxLinux Kernel Version2.6.11.6
   LinuxLinux Editionx64
LinuxLinux Kernel Version2.6.11.7
   LinuxLinux Editionx64
LinuxLinux Kernel Version2.6.11.8
   LinuxLinux Editionx64
LinuxLinux Kernel Version2.6.11.9
   LinuxLinux Editionx64
LinuxLinux Kernel Version2.6.11.10
   LinuxLinux Editionx64
LinuxLinux Kernel Version2.6.11.11
   LinuxLinux Editionx64
LinuxLinux Kernel Version2.6.11.12
   LinuxLinux Editionx64
LinuxLinux Kernel Version2.6.12
   LinuxLinux Editionx64
LinuxLinux Kernel Version2.6.12.1
   LinuxLinux Editionx64
LinuxLinux Kernel Version2.6.12.2
   LinuxLinux Editionx64
LinuxLinux Kernel Version2.6.12.3
   LinuxLinux Editionx64
LinuxLinux Kernel Version2.6.12.4
   LinuxLinux Editionx64
LinuxLinux Kernel Version2.6.12.5
   LinuxLinux Editionx64
LinuxLinux Kernel Version2.6.12.6
   LinuxLinux Editionx64
LinuxLinux Kernel Version2.6.13
   LinuxLinux Editionx64
LinuxLinux Kernel Version2.6.13.1
   LinuxLinux Editionx64
LinuxLinux Kernel Version2.6.13.2
   LinuxLinux Editionx64
LinuxLinux Kernel Version2.6.13.3
   LinuxLinux Editionx64
LinuxLinux Kernel Version2.6.13.4
   LinuxLinux Editionx64
LinuxLinux Kernel Version2.6.13.5
   LinuxLinux Editionx64
LinuxLinux Kernel Version2.6.14
   LinuxLinux Editionx64
LinuxLinux Kernel Version2.6.14.1
   LinuxLinux Editionx64
LinuxLinux Kernel Version2.6.14.2
   LinuxLinux Editionx64
LinuxLinux Kernel Version2.6.14.3
   LinuxLinux Editionx64
LinuxLinux Kernel Version2.6.14.4
   LinuxLinux Editionx64
LinuxLinux Kernel Version2.6.14.5
   LinuxLinux Editionx64
LinuxLinux Kernel Version2.6.14.6
   LinuxLinux Editionx64
LinuxLinux Kernel Version2.6.14.7
   LinuxLinux Editionx64
LinuxLinux Kernel Version2.6.15
   LinuxLinux Editionx64
LinuxLinux Kernel Version2.6.15.1
   LinuxLinux Editionx64
LinuxLinux Kernel Version2.6.15.2
   LinuxLinux Editionx64
LinuxLinux Kernel Version2.6.15.3
   LinuxLinux Editionx64
LinuxLinux Kernel Version2.6.15.4
   LinuxLinux Editionx64
LinuxLinux Kernel Version2.6.15.5
   LinuxLinux Editionx64
LinuxLinux Kernel Version2.6.15.6
   LinuxLinux Editionx64
LinuxLinux Kernel Version2.6.15.7
   LinuxLinux Editionx64
LinuxLinux Kernel Version2.6.16
   LinuxLinux Editionx64
LinuxLinux Kernel Version2.6.16.1
   LinuxLinux Editionx64
LinuxLinux Kernel Version2.6.16.2
   LinuxLinux Editionx64
LinuxLinux Kernel Version2.6.16.3
   LinuxLinux Editionx64
LinuxLinux Kernel Version2.6.16.10
   LinuxLinux Editionx64
LinuxLinux Kernel Version2.6.16.11
   LinuxLinux Editionx64
LinuxLinux Kernel Version2.6.16.12
   LinuxLinux Editionx64
LinuxLinux Kernel Version2.6.16.13
   LinuxLinux Editionx64
LinuxLinux Kernel Version2.6.16.14
   LinuxLinux Editionx64
LinuxLinux Kernel Version2.6.16.15
   LinuxLinux Editionx64
LinuxLinux Kernel Version2.6.16.16
   LinuxLinux Editionx64
LinuxLinux Kernel Version2.6.16.17
   LinuxLinux Editionx64
LinuxLinux Kernel Version2.6.16.18
   LinuxLinux Editionx64
LinuxLinux Kernel Version2.6.16.19
   LinuxLinux Editionx64
LinuxLinux Kernel Version2.6.16.20
   LinuxLinux Editionx64
LinuxLinux Kernel Version2.6.16.21
   LinuxLinux Editionx64
LinuxLinux Kernel Version2.6.16.22
   LinuxLinux Editionx64
LinuxLinux Kernel Version2.6.16.23
   LinuxLinux Editionx64
LinuxLinux Kernel Version2.6.16.24
   LinuxLinux Editionx64
LinuxLinux Kernel Version2.6.16.25
   LinuxLinux Editionx64
LinuxLinux Kernel Version2.6.16.26
   LinuxLinux Editionx64
LinuxLinux Kernel Version2.6.16.27
   LinuxLinux Editionx64
LinuxLinux Kernel Version2.6.16.28
   LinuxLinux Editionx64
LinuxLinux Kernel Version2.6.16.29
   LinuxLinux Editionx64
LinuxLinux Kernel Version2.6.16.30
   LinuxLinux Editionx64
LinuxLinux Kernel Version2.6.16.31
   LinuxLinux Editionx64
LinuxLinux Kernel Version2.6.16.31 Update-rc1
   LinuxLinux Editionx64
LinuxLinux Kernel Version2.6.16.31 Update-rc2
   LinuxLinux Editionx64
LinuxLinux Kernel Version2.6.16.31 Update-rc3
   LinuxLinux Editionx64
LinuxLinux Kernel Version2.6.16.31 Update-rc4
   LinuxLinux Editionx64
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.94% 0.562
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4.9 3.9 6.9
AV:L/AC:L/Au:N/C:C/I:N/A:N
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://secunia.com/advisories/37471
http://www.securityfocus.com/archive/1/507985/100/0/threaded
http://www.vmware.com/security/advisories/VMSA-2009-0016.html
http://www.vupen.com/english/advisories/2009/3316
http://rhn.redhat.com/errata/RHSA-2009-1243.html
http://secunia.com/advisories/36562
http://secunia.com/advisories/36759
http://www.redhat.com/support/errata/RHSA-2009-1438.html
http://secunia.com/advisories/37105
http://www.ubuntu.com/usn/USN-852-1
http://secunia.com/advisories/36501
https://www.redhat.com/archives/fedora-package-announce/2009-August/msg01256.html
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=0083fc2c50e6c5127c2802ad323adf8143ab7856
http://secunia.com/advisories/36136
http://www.exploit-db.com/exploits/9352
http://www.openwall.com/lists/oss-security/2009/08/04/1
Patch
http://www.openwall.com/lists/oss-security/2009/08/05/1
Patch
http://www.openwall.com/lists/oss-security/2009/08/26/2
https://bugzilla.redhat.com/show_bug.cgi?id=515392
Patch
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10637
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8405