[Bug 711291] [NEW] CVE-2010-3877

Tue, 01 Feb 2011 07:26:09 -0800 

*** This bug is a security vulnerability ***

Public security bug reported:

The get_name function in net/tipc/socket.c in the Linux kernel before
2.6.37-rc2 does not initialize a certain structure, which allows local
users to obtain potentially sensitive information from kernel stack memory
by reading a copy of this structure.

** Affects: linux (Ubuntu)
     Importance: Low
     Assignee: Andy Whitcroft (apw)
         Status: Fix Released

** Affects: linux (Ubuntu Lucid)
     Importance: Low
         Status: New

** Affects: linux (Ubuntu Maverick)
     Importance: Low
         Status: New

** Affects: linux (Ubuntu Natty)
     Importance: Low
     Assignee: Andy Whitcroft (apw)
         Status: Fix Released

** Affects: linux (Ubuntu Dapper)
     Importance: Low
         Status: New

** Affects: linux (Ubuntu Hardy)
     Importance: Low
         Status: New

** Affects: linux (Ubuntu Karmic)
     Importance: Low
         Status: New


** Tags: kernel-cve-tracker

** Visibility changed to: Public

** Also affects: linux (Ubuntu Hardy)
   Importance: Undecided
       Status: New

** Also affects: linux (Ubuntu Karmic)
   Importance: Undecided
       Status: New

** Also affects: linux (Ubuntu Maverick)
   Importance: Undecided
       Status: New

** Also affects: linux (Ubuntu Natty)
   Importance: Undecided
       Status: New

** Also affects: linux (Ubuntu Dapper)
   Importance: Undecided
       Status: New

** Also affects: linux (Ubuntu Lucid)
   Importance: Undecided
       Status: New

** Changed in: linux (Ubuntu Dapper)
   Importance: Undecided => Low

** Changed in: linux (Ubuntu Lucid)
   Importance: Undecided => Low

** Changed in: linux (Ubuntu Maverick)
   Importance: Undecided => Low

** Changed in: linux (Ubuntu Natty)
   Importance: Undecided => Low

** Changed in: linux (Ubuntu Natty)
     Assignee: (unassigned) => Andy Whitcroft (apw)

** Changed in: linux (Ubuntu Hardy)
   Importance: Undecided => Low

** Changed in: linux (Ubuntu Karmic)
   Importance: Undecided => Low

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/711291

Title:
  CVE-2010-3877

-- 
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Reply via email to