QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2009-3228

Back to search

CVE-2009-3228

Published: Oct 19, 2009

Modified: Aug 7, 2024

PUBLISHED

Description

The tc_fill_tclass function in net/sched/sch_api.c in the tc subsystem in the Linux kernel 2.4.x before 2.4.37.6 and 2.6.x before 2.6.31-rc9 does not initialize certain (1) tcm__pad1 and (2) tcm__pad2 structure members, which might allow local users to obtain sensitive information from kernel memory via unspecified vectors.

VendorProductVersions

n/a

n/a

affected
n/a

References

RHSA-2009:1540
vendor-advisory
x_refsource_REDHAT
USN-864-1
vendor-advisory
x_refsource_UBUNTU
38794
third-party-advisory
x_refsource_SECUNIA
MDVSA-2010:198
vendor-advisory
x_refsource_MANDRIVA
37084
third-party-advisory
x_refsource_SECUNIA
RHSA-2009:1522
vendor-advisory
x_refsource_REDHAT
oval:org.mitre.oval:def:9409
vdb-entry
signature
x_refsource_OVAL
RHSA-2009:1548
vendor-advisory
x_refsource_REDHAT
38834
third-party-advisory
x_refsource_SECUNIA
1023073
vdb-entry
x_refsource_SECTRACK
oval:org.mitre.oval:def:6757
vdb-entry
signature
x_refsource_OVAL
ADV-2010-0528
vdb-entry
x_refsource_VUPEN

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now