Описание
arch/x86/kvm/x86.c in the Linux kernel before 2.6.36.2 does not initialize certain structure members, which allows local users to obtain potentially sensitive information from kernel stack memory via read operations on the /dev/kvm device.
Отчет
This issue did not affect the version of Linux kernel as shipped with Red Hat Enterprise Linux 3, 4 and Red Hat Enterprise MRG as they did not include support for Kernel-based Virtual Machine (KVM). A future kernel update in Red Hat Enterprise Linux 5 may address this flaw.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | kernel | Affected | ||
| Red Hat Enterprise Linux 5 | kvm | Fixed | RHSA-2010:0998 | 20.12.2010 |
| Red Hat Enterprise Linux 6 | kernel | Fixed | RHSA-2011:0542 | 19.05.2011 |
| Red Hat Enterprise Linux 6.0 EUS - Server Only | kernel | Fixed | RHSA-2011:0883 | 21.06.2011 |
Показывать по
Дополнительная информация
Статус:
EPSS
1.9 Low
CVSS2
Связанные уязвимости
arch/x86/kvm/x86.c in the Linux kernel before 2.6.36.2 does not initialize certain structure members, which allows local users to obtain potentially sensitive information from kernel stack memory via read operations on the /dev/kvm device.
arch/x86/kvm/x86.c in the Linux kernel before 2.6.36.2 does not initialize certain structure members, which allows local users to obtain potentially sensitive information from kernel stack memory via read operations on the /dev/kvm device.
arch/x86/kvm/x86.c in the Linux kernel before 2.6.36.2 does not initia ...
arch/x86/kvm/x86.c in the Linux kernel before 2.6.36.2 does not initialize certain structure members, which allows local users to obtain potentially sensitive information from kernel stack memory via read operations on the /dev/kvm device.
EPSS
1.9 Low
CVSS2