CVE-2009-2847
Vulnerability from cvelistv5
Published
2009-08-18 20:41
Modified
2024-08-07 06:07
Severity ?
Summary
The do_sigaltstack function in kernel/signal.c in Linux kernel 2.4 through 2.4.37 and 2.6 before 2.6.31-rc5, when running on 64-bit systems, does not clear certain padding bytes from a structure, which allows local users to obtain sensitive information from the kernel stack via the sigaltstack function.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T06:07:36.606Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "[oss-security] 20090804 CVE request - kernel: information leak in sigaltstack",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2009/08/04/1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=515392"
          },
          {
            "name": "37471",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/37471"
          },
          {
            "name": "USN-852-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-852-1"
          },
          {
            "name": "RHSA-2009:1243",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2009-1243.html"
          },
          {
            "name": "36759",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/36759"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.vmware.com/security/advisories/VMSA-2009-0016.html"
          },
          {
            "name": "[oss-security] 20090826 Re: CVE request - kernel: information leak in sigaltstack",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2009/08/26/2"
          },
          {
            "name": "oval:org.mitre.oval:def:10637",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10637"
          },
          {
            "name": "20091120 VMSA-2009-0016 VMware vCenter and ESX update release and vMA patch release address multiple security issue in third party components",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/507985/100/0/threaded"
          },
          {
            "name": "36562",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/36562"
          },
          {
            "name": "FEDORA-2009-9044",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg01256.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=0083fc2c50e6c5127c2802ad323adf8143ab7856"
          },
          {
            "name": "oval:org.mitre.oval:def:8405",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8405"
          },
          {
            "name": "9352",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "http://www.exploit-db.com/exploits/9352"
          },
          {
            "name": "36501",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/36501"
          },
          {
            "name": "[oss-security] 20090805 Re: CVE request - kernel: information leak in sigaltstack",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2009/08/05/1"
          },
          {
            "name": "RHSA-2009:1438",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2009-1438.html"
          },
          {
            "name": "ADV-2009-3316",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/3316"
          },
          {
            "name": "37105",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/37105"
          },
          {
            "name": "36136",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/36136"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-08-01T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The do_sigaltstack function in kernel/signal.c in Linux kernel 2.4 through 2.4.37 and 2.6 before 2.6.31-rc5, when running on 64-bit systems, does not clear certain padding bytes from a structure, which allows local users to obtain sensitive information from the kernel stack via the sigaltstack function."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-10T18:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "[oss-security] 20090804 CVE request - kernel: information leak in sigaltstack",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2009/08/04/1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=515392"
        },
        {
          "name": "37471",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/37471"
        },
        {
          "name": "USN-852-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-852-1"
        },
        {
          "name": "RHSA-2009:1243",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2009-1243.html"
        },
        {
          "name": "36759",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/36759"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.vmware.com/security/advisories/VMSA-2009-0016.html"
        },
        {
          "name": "[oss-security] 20090826 Re: CVE request - kernel: information leak in sigaltstack",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2009/08/26/2"
        },
        {
          "name": "oval:org.mitre.oval:def:10637",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10637"
        },
        {
          "name": "20091120 VMSA-2009-0016 VMware vCenter and ESX update release and vMA patch release address multiple security issue in third party components",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/507985/100/0/threaded"
        },
        {
          "name": "36562",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/36562"
        },
        {
          "name": "FEDORA-2009-9044",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg01256.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=0083fc2c50e6c5127c2802ad323adf8143ab7856"
        },
        {
          "name": "oval:org.mitre.oval:def:8405",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8405"
        },
        {
          "name": "9352",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "http://www.exploit-db.com/exploits/9352"
        },
        {
          "name": "36501",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/36501"
        },
        {
          "name": "[oss-security] 20090805 Re: CVE request - kernel: information leak in sigaltstack",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2009/08/05/1"
        },
        {
          "name": "RHSA-2009:1438",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2009-1438.html"
        },
        {
          "name": "ADV-2009-3316",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/3316"
        },
        {
          "name": "37105",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/37105"
        },
        {
          "name": "36136",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/36136"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2009-2847",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The do_sigaltstack function in kernel/signal.c in Linux kernel 2.4 through 2.4.37 and 2.6 before 2.6.31-rc5, when running on 64-bit systems, does not clear certain padding bytes from a structure, which allows local users to obtain sensitive information from the kernel stack via the sigaltstack function."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "[oss-security] 20090804 CVE request - kernel: information leak in sigaltstack",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2009/08/04/1"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=515392",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=515392"
            },
            {
              "name": "37471",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/37471"
            },
            {
              "name": "USN-852-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-852-1"
            },
            {
              "name": "RHSA-2009:1243",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2009-1243.html"
            },
            {
              "name": "36759",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/36759"
            },
            {
              "name": "http://www.vmware.com/security/advisories/VMSA-2009-0016.html",
              "refsource": "CONFIRM",
              "url": "http://www.vmware.com/security/advisories/VMSA-2009-0016.html"
            },
            {
              "name": "[oss-security] 20090826 Re: CVE request - kernel: information leak in sigaltstack",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2009/08/26/2"
            },
            {
              "name": "oval:org.mitre.oval:def:10637",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10637"
            },
            {
              "name": "20091120 VMSA-2009-0016 VMware vCenter and ESX update release and vMA patch release address multiple security issue in third party components",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/507985/100/0/threaded"
            },
            {
              "name": "36562",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/36562"
            },
            {
              "name": "FEDORA-2009-9044",
              "refsource": "FEDORA",
              "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg01256.html"
            },
            {
              "name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=0083fc2c50e6c5127c2802ad323adf8143ab7856",
              "refsource": "CONFIRM",
              "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=0083fc2c50e6c5127c2802ad323adf8143ab7856"
            },
            {
              "name": "oval:org.mitre.oval:def:8405",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8405"
            },
            {
              "name": "9352",
              "refsource": "EXPLOIT-DB",
              "url": "http://www.exploit-db.com/exploits/9352"
            },
            {
              "name": "36501",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/36501"
            },
            {
              "name": "[oss-security] 20090805 Re: CVE request - kernel: information leak in sigaltstack",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2009/08/05/1"
            },
            {
              "name": "RHSA-2009:1438",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2009-1438.html"
            },
            {
              "name": "ADV-2009-3316",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2009/3316"
            },
            {
              "name": "37105",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/37105"
            },
            {
              "name": "36136",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/36136"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2009-2847",
    "datePublished": "2009-08-18T20:41:00",
    "dateReserved": "2009-08-18T00:00:00",
    "dateUpdated": "2024-08-07T06:07:36.606Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2009-2847\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2009-08-18T21:00:00.377\",\"lastModified\":\"2023-11-07T02:04:16.160\",\"vulnStatus\":\"Modified\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"The do_sigaltstack function in kernel/signal.c in Linux kernel 2.4 through 2.4.37 and 2.6 before 2.6.31-rc5, when running on 64-bit systems, does not clear certain padding bytes from a structure, which allows local users to obtain sensitive information from the kernel stack via the sigaltstack function.\"},{\"lang\":\"es\",\"value\":\"La funci\u00f3n do_sigaltstack en kernel/signal.c en el kernel de Linux 2.6 antes de 2.6.31-RC5, cuando se ejecuta en sistemas de 64 bits, no limpia algunos octetos de relleno de una estructura, lo que permite a usuarios locales obtener informaci\u00f3n sensible de la pila del n\u00facleo a trav\u00e9s de la funci\u00f3n sigaltstack.\"}],\"vendorComments\":[{\"organization\":\"Red Hat\",\"comment\":\"This issue has been rated as having moderate security impact. It was addressed in Red Hat Enterprise Linux 4, 5 and Red Hat Enterprise MRG:\\nhttp://rhn.redhat.com/cve/CVE-2009-2847.html\\n\\nThis issue is not planned to be fixed in Red Hat Enterprise Linux 3, due to this product being in Production 3 of its maintenance life-cycle, where only qualified security errata of important or critical impact are addressed.  For further information about Errata Support Policy, visit: http://www.redhat.com/security/updates/errata/\",\"lastModified\":\"2009-09-15T00:00:00\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:C/I:N/A:N\",\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\",\"baseScore\":4.9},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":3.9,\"impactScore\":6.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:linux:kernel:2.6.24.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1760FDC9-BB79-4299-8A6D-482085EE5BD7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:linux:kernel:2.6.25.15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"56EEB157-5037-4EAD-8625-35B91B167111\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:-rc5:*:*:*:*:*:*\",\"versionEndIncluding\":\"2.6.16.31\",\"matchCriteriaId\":\"6277DB43-CBB1-4E4A-B071-0D82CE293F3F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0FC560CC-F785-42D5-A25B-1BA02E7AC464\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"142BCD48-8387-4D0C-A052-44DD4144CBFF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E8220D81-9065-471F-9256-CFE7B9941555\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2CDE1E92-C64D-4A3B-95A2-384BD772B28B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9D90502F-EC45-4ADC-9428-B94346DA660B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.11.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1CD39A7A-9172-4B85-B8FE-CEB94207A897\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.11.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"35F5C369-6BFB-445F-AA8B-6F6FA7C33EF3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.11.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"81DE32C2-5B07-4812-9F88-000F5FB000C2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.11.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"02EED3D5-8F89-4B7F-A34B-52274B1A754F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.11.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5F87AA89-F377-4BEB-B69F-809F5DA6176C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.11.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C27AF62E-A026-43E9-89E6-CD807CE9DF51\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.11.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"79C2AE0E-DAE8-4443-B33F-6ABA9019AA88\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.11.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D343B121-C007-49F8-9DE8-AA05CE58FF0B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.11.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7936B7EE-9CD1-4698-AD67-C619D0171A88\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.11.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A1A2AA2D-5183-4C49-A59D-AEB7D9B5A69E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.11.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3A0370A2-0A23-4E34-A2AC-8D87D051B0B1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.11.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5738D628-0B2D-4F56-9427-2009BFCB6C11\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F43EBCB4-FCF4-479A-A44D-D913F7F09C77\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.12.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5C7BF3B2-CCD1-4D39-AE9C-AB24ABA57447\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.12.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"860F9225-8A3F-492C-B72B-5EFFB322802C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.12.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"19DFB4EF-EA1F-4680-9D97-2FDFAA4B4A25\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.12.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"57E23724-2CA4-4211-BB83-38661BE7E6AF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.12.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B0688B3F-F8F2-4C62-B7A3-08F9FDCE7A70\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.12.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3896C4A6-C2F6-47CE-818A-7EB3DBF15BC3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6143DC1F-D62E-4DB2-AF43-30A07413D68B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.13.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"298266AB-2A36-4606-BF80-2185FC56C4D2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.13.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7C2658CA-56C2-494F-AC42-618EC413CBDF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.13.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AD34526D-F2CC-44C5-991D-B1E41C327860\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.13.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C2F0B900-34E9-4545-B7AE-AF0A4363EACE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.13.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B36F432D-FED1-4B8D-A458-BEDEEF306AB1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5220F0FE-C4CC-4E75-A16A-4ADCABA7E8B8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.14.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"25379B32-D898-4E44-A740-978A129B5E05\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.14.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7B90F8F2-9549-413D-9676-3EF634D832B5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.14.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"915E64EF-6EEC-4DE2-A285-5F3FCE389645\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.14.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"585BEE46-088A-494E-8E18-03F33F6BBEA5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.14.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EFF35478-B292-4A00-B985-CEEDE8B212C3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.14.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6E85846A-61BE-4896-B4A6-42A7E1DBA515\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.14.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D6E3B925-031D-4F6D-915A-A16F0FFA878C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7344B707-6145-48BA-8BC9-9B140A260BCF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.15.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9BFCEA98-C708-4E1E-B189-E6F96D28F07A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.15.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2B753112-CCDE-4870-AA97-4AAA2946421A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.15.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"79B3AFE7-F4FF-4144-9046-E5926E305A03\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.15.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7616E197-ACCA-4191-A513-FD48417C7F88\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.15.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ED1AA7FC-F5B9-406C-ABE4-0BE5E9889619\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.15.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7EE2F94D-E8E0-4BB7-A910-378012580025\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.15.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"66F5AE3B-B701-4579-B44A-0F7A4267852E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"34E60197-56C3-485C-9609-B1C4A0E0FCB2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"86E452E4-45A9-4469-BF69-F40B6598F0EA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C5751AC4-A60F-42C6-88E5-FC8CFEE6F696\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1FF886A6-7E73-47AD-B6A5-A9EC5BEDCD0C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"795C3B17-687E-4F33-AA99-8FEC16F14693\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F2BDD5C7-9B6A-41B5-8679-5062B8A6E11B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"190D5E2C-AD60-41F4-B29D-FB8EA8CB5FF6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16.13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6B81A4DD-2ADE-4455-B517-5E4E0532D5A1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16.14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4BD589CC-666B-4FAA-BCF0-91C484BDDB09\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16.15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4CD622EE-A840-42E1-B6BF-4AA27D039B12\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16.16:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"900D6742-DE0F-45C5-A812-BF84088CB02A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16.17:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"225CA94C-8C84-4FA6-95D0-160A0016FBFF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16.18:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D88ED3C4-64C5-44B2-9F23-E16087046C40\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16.19:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"03FB31E5-190C-489A-AB30-910D2CC854F2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16.20:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EF4A781A-4A41-466F-8426-10B40CF8BA1A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16.21:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9ED29B3F-456B-4767-8E59-8C19A3B7E1D8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16.22:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F6316369-B54A-4E59-A022-E0610353B284\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16.23:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"073C3CE0-E12D-4545-8460-5A1514271D50\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16.24:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"670FAA25-A86F-4E04-A3A0-0B3FF6CF9C26\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16.25:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AEB33DEA-13C7-4B36-AB8A-ED680679A071\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16.26:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"86DD0FCC-BB12-410D-8C82-AB99C7C5311E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16.27:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"83700989-8820-48DA-A9FE-6A77DF1E8439\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16.28:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CC9F4CEC-7781-468B-B460-4F487B7C6601\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16.29:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"67C75A62-8807-4821-9362-1E0D63C0A1B4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16.30:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"894D4812-D62F-489E-8D0E-5E9468CE8EC9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16.31:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C1F92E01-4F08-4364-9E87-FFBC095E32E7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16.31:-rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"EC36074C-C310-4341-8B3C-BB34E572BF94\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16.31:-rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"ECCC155A-C68C-44A8-8C44-7979C9889C34\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16.31:-rc3:*:*:*:*:*:*\",\"matchCriteriaId\":\"040EBFDA-7F8D-428F-BB69-BB1B52BB868B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16.31:-rc4:*:*:*:*:*:*\",\"matchCriteriaId\":\"69E703D2-8CC9-421A-9728-75E8FCFB4FE6\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:linux:linux:*:*:x64:*:*:*:*:*\",\"matchCriteriaId\":\"62F1CAA4-7A50-4F1C-A542-210C50273D8E\"}]}]}],\"references\":[{\"url\":\"http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=0083fc2c50e6c5127c2802ad323adf8143ab7856\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2009-1243.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/36136\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/36501\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/36562\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/36759\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/37105\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/37471\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.exploit-db.com/exploits/9352\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2009/08/04/1\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2009/08/05/1\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2009/08/26/2\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2009-1438.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/archive/1/507985/100/0/threaded\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.ubuntu.com/usn/USN-852-1\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.vmware.com/security/advisories/VMSA-2009-0016.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.vupen.com/english/advisories/2009/3316\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=515392\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10637\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8405\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://www.redhat.com/archives/fedora-package-announce/2009-August/msg01256.html\",\"source\":\"cve@mitre.org\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading...

Loading...

Loading...
  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.