Back to search
CVE-2010-3296
Published: Sep 30, 2010
Modified: Aug 7, 2024
PUBLISHED
Description
The cxgb_extension_ioctl function in drivers/net/cxgb3/cxgb3_main.c in the Linux kernel before 2.6.36-rc5 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a CHELSIO_GET_QSET_NUM ioctl call.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.36-rc5
x_refsource_CONFIRM
20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console
mailing-list
x_refsource_BUGTRAQ
RHSA-2011:0017
vendor-advisory
x_refsource_REDHAT
46397
third-party-advisory
x_refsource_SECUNIA
[oss-security] 20100914 Re: CVE request: kernel: numerous infoleaks
mailing-list
x_refsource_MLIST
[oss-security] 20100914 CVE request: kernel: numerous infoleaks
mailing-list
x_refsource_MLIST
[linux-kernel] 20100911 [PATCH] drivers/net/cxgb3/cxgb3_main.c: prevent reading uninitialized stack memory
mailing-list
x_refsource_MLIST
USN-1041-1
vendor-advisory
x_refsource_UBUNTU
https://bugzilla.redhat.com/show_bug.cgi?id=633149
x_refsource_CONFIRM
SUSE-SA:2011:007
vendor-advisory
x_refsource_SUSE
ADV-2011-0298
vdb-entry
x_refsource_VUPEN
SUSE-SA:2010:050
vendor-advisory
x_refsource_SUSE
http://www.vmware.com/security/advisories/VMSA-2011-0012.html
x_refsource_CONFIRM
42758
third-party-advisory
x_refsource_SECUNIA
42884
third-party-advisory
x_refsource_SECUNIA
ADV-2011-0070
vdb-entry
x_refsource_VUPEN
SUSE-SA:2010:054
vendor-advisory
x_refsource_SUSE
41440
third-party-advisory
x_refsource_SECUNIA
43221
vdb-entry
x_refsource_BID
DSA-2126
vendor-advisory
x_refsource_DEBIAN
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now