Back to search
CVE-2009-2847
Published: Aug 18, 2009
Modified: Aug 7, 2024
PUBLISHED
Description
The do_sigaltstack function in kernel/signal.c in Linux kernel 2.4 through 2.4.37 and 2.6 before 2.6.31-rc5, when running on 64-bit systems, does not clear certain padding bytes from a structure, which allows local users to obtain sensitive information from the kernel stack via the sigaltstack function.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
[oss-security] 20090804 CVE request - kernel: information leak in sigaltstack
mailing-list
x_refsource_MLIST
https://bugzilla.redhat.com/show_bug.cgi?id=515392
x_refsource_CONFIRM
37471
third-party-advisory
x_refsource_SECUNIA
USN-852-1
vendor-advisory
x_refsource_UBUNTU
RHSA-2009:1243
vendor-advisory
x_refsource_REDHAT
36759
third-party-advisory
x_refsource_SECUNIA
http://www.vmware.com/security/advisories/VMSA-2009-0016.html
x_refsource_CONFIRM
[oss-security] 20090826 Re: CVE request - kernel: information leak in sigaltstack
mailing-list
x_refsource_MLIST
oval:org.mitre.oval:def:10637
vdb-entry
signature
x_refsource_OVAL
36562
third-party-advisory
x_refsource_SECUNIA
FEDORA-2009-9044
vendor-advisory
x_refsource_FEDORA
oval:org.mitre.oval:def:8405
vdb-entry
signature
x_refsource_OVAL
9352
exploit
x_refsource_EXPLOIT-DB
36501
third-party-advisory
x_refsource_SECUNIA
[oss-security] 20090805 Re: CVE request - kernel: information leak in sigaltstack
mailing-list
x_refsource_MLIST
RHSA-2009:1438
vendor-advisory
x_refsource_REDHAT
ADV-2009-3316
vdb-entry
x_refsource_VUPEN
37105
third-party-advisory
x_refsource_SECUNIA
36136
third-party-advisory
x_refsource_SECUNIA
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now