CVE-2008-2729

Priority
Description
arch/x86_64/lib/copy_user.S in the Linux kernel before 2.6.19 on some AMD64
systems does not erase destination memory locations after an exception
during kernel memory copy, which allows local users to obtain sensitive
information.
Ubuntu-Description
The copy_to_user routine in the kernel did not correctly clear memory
destination addresses when running on 64bit kernels. A local attacker
could exploit this to gain access to sensitive kernel memory, leading
to a loss of privacy.
Notes
keesbackported to Dapper
Package
Source: linux (LP Ubuntu Debian)
Upstream:released (2.6.19~rc1)
Patches:
Upstream:3022d734a54cbd2b65eea9a024564821101b4a9a
Vendor:ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/kernel-2.6.9-67.0.20.EL.src.rpm:SOURCES/linux-2.6.9-x86_64-copy_user-zero-tail.patch
Package
Upstream:released (2.6.19~rc1)
Package
Upstream:released (2.6.19~rc1)
Package
Upstream:released (2.6.19~rc1)
Package
Upstream:released (2.6.19~rc1)
More Information

Updated: 2020-03-18 21:58:20 UTC (commit 2ea7df7bd1e69e1e489978d2724a936eb3faa1b8)