CVE-2008-0598

Priority
Low
Description
Unspecified vulnerability in the 32-bit and 64-bit emulation in the Linux
kernel 2.6.9, 2.6.18, and probably other versions allows local users to
read uninitialized memory via unknown vectors involving a crafted binary.
Ubuntu-Description
Tavis Ormandy discovered that the ia32 emulation under 64bit kernels
did not fully clear uninitialized data. A local attacker could read
private kernel memory, leading to a loss of privacy.
References
Notes
kees> needs http://lkml.org/lkml/diff/2008/6/25/157/1
kees> maybe linux-2.6: 64649a58919e66ec21792dbb6c48cb3da22cbd7f
Package
Upstream:not-affected
Ubuntu 8.04 LTS (Hardy Heron):DNE
Package
Upstream:needed
Ubuntu 8.04 LTS (Hardy Heron):DNE
Package
Upstream:not-affected
Ubuntu 8.04 LTS (Hardy Heron):DNE
Package
Upstream:not-affected
Ubuntu 8.04 LTS (Hardy Heron):DNE
Package
Source: linux (LP Ubuntu Debian)
Upstream:released (2.6.24)
Ubuntu 8.04 LTS (Hardy Heron):not-affected
More Information

Valid XHTML 1.0 Strict

Updated: 2012-06-01 15:18:34 UTC (commit 5347)