CVE-2010-2942

MEDIUM

Linux kernel <2.6.36-rc2 - Info Disclosure

Title source: llm

Description

The actions implementation in the network queueing functionality in the Linux kernel before 2.6.36-rc2 does not properly initialize certain structure members when performing dump operations, which allows local users to obtain potentially sensitive information from kernel memory via vectors related to (1) the tcf_gact_dump function in net/sched/act_gact.c, (2) the tcf_mirred_dump function in net/sched/act_mirred.c, (3) the tcf_nat_dump function in net/sched/act_nat.c, (4) the tcf_simp_dump function in net/sched/act_simple.c, and (5) the tcf_skbedit_dump function in net/sched/act_skbedit.c.

References (23)

[Patch] http://git.kernel.org/?p=linux/kernel/git/davem/net-2.6.git%3Ba=commit%3Bh=1c40be12f7d8ca1d387510d39787b12e512a7ce8

[Mailing List, Third Party Advisory] http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00004.html

[Mailing List, Third Party Advisory] http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00005.html

[Mailing List, Third Party Advisory] http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00000.html

[Mailing List, Third Party Advisory] http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00004.html

[Mailing List, Third Party Advisory] http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html

[Mailing List, Patch, Third Party Advisory] http://patchwork.ozlabs.org/patch/61857/

[Broken Link] http://secunia.com/advisories/41512

[Broken Link] http://secunia.com/advisories/46397

[Third Party Advisory] http://support.avaya.com/css/P8/documents/100113326

[Broken Link] http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.36-rc2

[Mailing List, Patch, Third Party Advisory] http://www.openwall.com/lists/oss-security/2010/08/18/1

[Mailing List, Patch, Third Party Advisory] http://www.openwall.com/lists/oss-security/2010/08/19/4

[Broken Link] http://www.redhat.com/support/errata/RHSA-2010-0723.html

[Broken Link] http://www.redhat.com/support/errata/RHSA-2010-0771.html

[Broken Link] http://www.redhat.com/support/errata/RHSA-2010-0779.html

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/520102/100/0/threaded

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/42529

[Third Party Advisory] http://www.ubuntu.com/usn/USN-1000-1

[Third Party Advisory] http://www.vmware.com/security/advisories/VMSA-2011-0012.html

... and 3 more

Scores

CVSS v3 5.5

EPSS 0.0006

EPSS Percentile 19.2%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Classification

CWE

CWE-401

Status draft

Affected Products (38)

linux/linux_kernel < 2.6.35.13

linux/linux_kernel

linux/linux_kernel

canonical/ubuntu_linux

canonical/ubuntu_linux

canonical/ubuntu_linux

canonical/ubuntu_linux

canonical/ubuntu_linux

canonical/ubuntu_linux

opensuse/opensuse

opensuse/opensuse

suse/suse_linux_enterprise_desktop

suse/suse_linux_enterprise_desktop

suse/suse_linux_enterprise_desktop

suse/suse_linux_enterprise_server

... and 23 more

Timeline

Published Sep 21, 2010

Tracked Since Feb 18, 2026