CVE-2009-3612 (retired)

Priority
Description
The tcf_fill_node function in net/sched/cls_api.c in the netlink subsystem
in the Linux kernel 2.6.x before 2.6.32-rc5, and 2.4.37.6 and earlier, does
not initialize a certain tcm__pad2 structure member, which might allow
local users to obtain sensitive information from kernel memory via
unspecified vectors. NOTE: this issue exists because of an incomplete fix
for CVE-2005-4881.
Package
Upstream:released (2.6.32~rc5)
More Information

Updated: 2019-03-26 11:49:16 UTC (commit ccdecfcf0fead22bd291e5f4ea745a46872dcb15)