Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2010-3881

arch/x86/kvm/x86.c in the Linux kernel before 2.6.36.2 does not initialize certain structure members, which allows local users to obtain potentially sensitive information from kernel stack memory via read operations on the /dev/kvm device.

Related bugs and status

CVE-2010-3881 (Candidate) is related to these bugs:

Bug #717124: CVE-2010-3881

		In	Importance	Status
717124	CVE-2010-3881	linux (Ubuntu)	Low	Fix Released
717124	CVE-2010-3881	linux (Ubuntu Hardy)	Low	Invalid
717124	CVE-2010-3881	linux (Ubuntu Natty)	Low	Fix Released
717124	CVE-2010-3881	linux (Ubuntu Karmic)	Low	Invalid
717124	CVE-2010-3881	linux (Ubuntu Dapper)	Low	Invalid
717124	CVE-2010-3881	linux (Ubuntu Lucid)	Low	Fix Released
717124	CVE-2010-3881	linux (Ubuntu Maverick)	Low	Fix Released

See the

CVE page on Mitre.org for more details.

References

MISC: http://securitytracker...
MISC: http://secunia.com/adv...
MISC: http://www.securityfoc...
MISC: http://www.vupen.com/e...
MISC: http://www.vupen.com/e...
MISC: http://www.vupen.com/e...
MISC: https://bugzilla.redha...
MISC: http://rhn.redhat.com/...
MISC: http://lists.opensuse....
MISC: http://lists.opensuse....
MISC: http://www.spinics.net...
MISC: http://openwall.com/li...
MISC: http://openwall.com/li...
MISC: http://git.kernel.org/...
MISC: http://git.kernel.org/...
MISC: http://www.kernel.org/...