CVE-2010-2942

Priority
Low
Description
The actions implementation in the network queueing functionality in the
Linux kernel before 2.6.36-rc2 does not properly initialize certain
structure members when performing dump operations, which allows local users
to obtain potentially sensitive information from kernel memory via vectors
related to (1) the tcf_gact_dump function in net/sched/act_gact.c, (2) the
tcf_mirred_dump function in net/sched/act_mirred.c, (3) the tcf_nat_dump
function in net/sched/act_nat.c, (4) the tcf_simp_dump function in
net/sched/act_simple.c, and (5) the tcf_skbedit_dump function in
net/sched/act_skbedit.c.
Ubuntu-Description
Eric Dumazet discovered that many network functions could leak kernel stack
contents. A local attacker could exploit this to read portions of kernel
memory, leading to a loss of privacy.
References
Assigned-to
sconklin
Package
Upstream:needs-triage
Ubuntu 8.04 LTS (Hardy Heron):DNE
Ubuntu 10.04 LTS (Lucid Lynx):DNE
Ubuntu 11.04 (Natty Narwhal):DNE
Patches:
Dapper:http://chinstrap.ubuntu.com/~sconklin/CVEs/CVE-2010-2942/patches/dapper/linux/0001-net-sched-fix-some-kernel-memory-leaks.txt
Package
Upstream:needs-triage
Ubuntu 8.04 LTS (Hardy Heron):DNE
Ubuntu 10.04 LTS (Lucid Lynx):released (2.6.32-309.18)
Ubuntu 11.04 (Natty Narwhal):DNE
Package
Upstream:needs-triage
Ubuntu 8.04 LTS (Hardy Heron):DNE
Ubuntu 10.04 LTS (Lucid Lynx):released (2.6.32-216.33)
Ubuntu 11.04 (Natty Narwhal):DNE
Package
Upstream:needs-triage
Ubuntu 8.04 LTS (Hardy Heron):DNE
Ubuntu 10.04 LTS (Lucid Lynx):released (2.6.35-25.44~lucid1)
Ubuntu 11.04 (Natty Narwhal):DNE
Package
Source: linux (LP Ubuntu Debian)
Upstream:needs-triage
Ubuntu 8.04 LTS (Hardy Heron):released (2.6.24-28.80)
Ubuntu 10.04 LTS (Lucid Lynx):released (2.6.32-25.45)
Ubuntu 11.04 (Natty Narwhal):not-affected
Patches:
Upstream:http://git.kernel.org/?p=linux/kernel/git/davem/net-2.6.git;a=commitdiff;h=1c40be12f7d8ca1d387510d39787b12e512a7ce8
Hardy:http://chinstrap.ubuntu.com/~sconklin/CVEs/CVE-2010-2942/patches/hardy/linux/0001-net-sched-fix-some-kernel-memory-leaks.txt
Jaunty:http://chinstrap.ubuntu.com/~sconklin/CVEs/CVE-2010-2942/patches/jaunty/linux/0001-net-sched-fix-some-kernel-memory-leaks.txt
Karmic:http://chinstrap.ubuntu.com/~sconklin/CVEs/CVE-2010-2942/patches/karmic/linux/0001-net-sched-fix-some-kernel-memory-leaks.txt
Lucid:http://chinstrap.ubuntu.com/~sconklin/CVEs/CVE-2010-2942/patches/lucid/linux/0001-net-sched-fix-some-kernel-memory-leaks.txt
Package
Upstream:needs-triage
Ubuntu 8.04 LTS (Hardy Heron):DNE
Ubuntu 10.04 LTS (Lucid Lynx):released (2.6.31-608.22)
Ubuntu 11.04 (Natty Narwhal):DNE
More Information

Valid XHTML 1.0 Strict

Updated: 2012-06-01 15:21:15 UTC (commit 5347)