CVE-2010-3881

Published: Dec 23, 2010

Modified: Aug 7, 2024

PUBLISHED

Description

arch/x86/kvm/x86.c in the Linux kernel before 2.6.36.2 does not initialize certain structure members, which allows local users to obtain potentially sensitive information from kernel stack memory via read operations on the /dev/kvm device.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

SUSE-SA:2011:004

vendor-advisory

x_refsource_SUSE

[kvm] 20101030 [patch v2] x86: kvm: x86: fix information leak to userland

mailing-list

x_refsource_MLIST

44666

vdb-entry

x_refsource_BID

[oss-security] 20101105 Re: CVE request: kernel: kvm kernel stack leakage

mailing-list

x_refsource_MLIST

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=97e69aa62f8b5d338d6cff49be09e37cc1262838

x_refsource_CONFIRM

42932

third-party-advisory

x_refsource_SECUNIA

ADV-2011-0124

vdb-entry

x_refsource_VUPEN

1024912

vdb-entry

x_refsource_SECTRACK

SUSE-SA:2011:007

vendor-advisory

x_refsource_SUSE

ADV-2011-0298

vdb-entry

x_refsource_VUPEN

http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.36.2

x_refsource_CONFIRM

https://bugzilla.redhat.com/show_bug.cgi?id=649920

x_refsource_CONFIRM

http://git.kernel.org/?p=virt/kvm/kvm.git%3Ba=commit%3Bh=831d9d02f9522e739825a51a11e3bc5aa531a905

x_refsource_CONFIRM

[oss-security] 20101104 CVE request: kernel: kvm kernel stack leakage

mailing-list

x_refsource_MLIST

RHSA-2010:0998

vendor-advisory

x_refsource_REDHAT

ADV-2010-3287

vdb-entry

x_refsource_VUPEN

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2010-3881

Description

Affected Products

References