PublicDate: 2008-09-03 14:12:00 UTC
Candidate: CVE-2008-3901
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3901
Description:
 Software suspend 2 2-2.2.1, when used with the Linux kernel 2.6.16, stores
 pre-boot authentication passwords in the BIOS Keyboard buffer and does not
 clear this buffer after use, which allows local users to obtain sensitive
 information by reading the physical memory locations associated with this
 buffer.
Ubuntu-Description:
Notes:
 jdstrand> requires root access to the machine which gives access to do
  anything anyway (unless restricting root access via SELinux, which Ubuntu
  does not)
Bugs:
Priority: negligible
Discovered-by:
Assigned-to:
CVSS: 

Patches_linux-source-2.6.15:
upstream_linux-source-2.6.15: needs-triage
dapper_linux-source-2.6.15: needed
feisty_linux-source-2.6.15: DNE
gutsy_linux-source-2.6.15: DNE
hardy_linux-source-2.6.15: DNE
devel_linux-source-2.6.15: DNE

Patches_linux-source-2.6.20:
upstream_linux-source-2.6.20: needs-triage
dapper_linux-source-2.6.20: DNE
feisty_linux-source-2.6.20: needed
gutsy_linux-source-2.6.20: DNE
hardy_linux-source-2.6.20: DNE
devel_linux-source-2.6.20: DNE

Patches_linux-source-2.6.22:
upstream_linux-source-2.6.22: needs-triage
dapper_linux-source-2.6.22: DNE
feisty_linux-source-2.6.22: DNE
gutsy_linux-source-2.6.22: needed
hardy_linux-source-2.6.22: DNE
devel_linux-source-2.6.22: DNE

Patches_linux:
upstream_linux: needs-triage
dapper_linux: DNE
feisty_linux: DNE
gutsy_linux: DNE
hardy_linux: needed
devel_linux: needed