[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

250363

 
 

909

 
 

196124

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2005-3276Date: (C)2005-10-20   (M)2023-12-22


The sys_get_thread_area function in process.c in Linux 2.6 before 2.6.12.4 and 2.6.13 does not clear a data structure before copying it to userspace, which might allow a user process to obtain sensitive information.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 2.1
Exploit Score: 3.9
Impact Score: 2.9
 
CVSS V2 Metrics:
Access Vector: LOCAL
Access Complexity: LOW
Authentication: NONE
Confidentiality: PARTIAL
Integrity: NONE
Availability: NONE
  
Reference:
BID-15527
SECUNIA-17826
SECUNIA-18056
SECUNIA-18510
SECUNIA-19252
DSA-922
FLSA:157459-1
FLSA:157459-2
FLSA:157459-3
MDKSA-2005:218
MDKSA-2005:219
MDKSA-2005:220
RHSA-2006:0101
RHSA-2006:0144
USN-219-1
http://linux.bkbits.net:8080/linux-2.6/cset%4042e81864gSEM90Oun0jA8dufpM3inw
http://lkml.org/lkml/2005/8/3/36
http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=71ae18ec690953e9ba7107c7cc44589c2cc0d9f1
oval:org.mitre.oval:def:9748

CPE    30
cpe:/o:linux:linux_kernel:2.6.13
cpe:/o:linux:linux_kernel:2.6.8
cpe:/o:linux:linux_kernel:2.6.12
cpe:/o:linux:linux_kernel:2.6.11
...

© SecPod Technologies