QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2010-3078

Back to search

CVE-2010-3078

Published: Sep 21, 2010

Modified: Aug 7, 2024

PUBLISHED

Description

The xfs_ioc_fsgetxattr function in fs/xfs/linux-2.6/xfs_ioctl.c in the Linux kernel before 2.6.36-rc4 does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via an ioctl call.

VendorProductVersions

n/a

n/a

affected
n/a

References

USN-1000-1
vendor-advisory
x_refsource_UBUNTU
SUSE-SA:2010:041
vendor-advisory
x_refsource_SUSE
46397
third-party-advisory
x_refsource_SECUNIA
RHSA-2011:0007
vendor-advisory
x_refsource_REDHAT
ADV-2010-2430
vdb-entry
x_refsource_VUPEN
SUSE-SA:2011:007
vendor-advisory
x_refsource_SUSE
ADV-2011-0298
vdb-entry
x_refsource_VUPEN
SUSE-SA:2010:050
vendor-advisory
x_refsource_SUSE
RHSA-2010:0839
vendor-advisory
x_refsource_REDHAT
42890
third-party-advisory
x_refsource_SECUNIA
1024418
vdb-entry
x_refsource_SECTRACK
41284
third-party-advisory
x_refsource_SECUNIA
SUSE-SA:2010:054
vendor-advisory
x_refsource_SUSE
43022
vdb-entry
x_refsource_BID
41512
third-party-advisory
x_refsource_SECUNIA

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now