Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2009-3001
HistoryAug 28, 2009 - 3:30 p.m.

CVE-2009-3001

2009-08-2815:30:00
CWE-200
[email protected]
web.nvd.nist.gov
1

4.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:C/I:N/A:N

6.3 Medium

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

17.9%

JSON

The llc_ui_getname function in net/llc/af_llc.c in the Linux kernel 2.6.31-rc7 and earlier does not initialize a certain data structure, which allows local users to read the contents of some kernel memory locations by calling getsockname on an AF_LLC socket.

Affected configurations

NVD
Node
linuxlinux_kernelRange<2.6.31
OR
linuxlinux_kernelMatch2.6.31-
OR
linuxlinux_kernelMatch2.6.31rc1
OR
linuxlinux_kernelMatch2.6.31rc2
OR
linuxlinux_kernelMatch2.6.31rc3
OR
linuxlinux_kernelMatch2.6.31rc4
OR
linuxlinux_kernelMatch2.6.31rc5
OR
linuxlinux_kernelMatch2.6.31rc6
Node
canonicalubuntu_linuxMatch6.06lts
OR
canonicalubuntu_linuxMatch8.04lts
OR
canonicalubuntu_linuxMatch8.10
OR
canonicalubuntu_linuxMatch9.04

Related

prion 1
cvelist 1
seebug 1
ubuntucve 1
cve 1
openvas 18
oraclelinux 2
nessus 6
securityvulns 2
osv 3
debian 3
fedora 1
ubuntu 1
prion
prion
Memory corruption
2009-08-28 15:30:00
cvelist
cvelist
CVE-2009-3001
2009-08-28 15:00:00
seebug
seebug
Linux Kernel llc_ui_getnameε‡½ζ•°ζœ¬εœ°δΏ‘ζ―ζ³„ιœ²ζΌζ΄ž
2009-09-02 00:00:00
ubuntucve
ubuntucve
CVE-2009-3001
2009-08-28 00:00:00
cve
cve
CVE-2009-3001
2009-08-28 15:30:00
openvas
openvas
Oracle: Security Advisory (ELSA-2009-1455)
2015-10-08 00:00:00
CentOS Security Advisory CESA-2009:1550 (kernel)
2009-11-11 00:00:00
RedHat Security Advisory RHSA-2009:1550
2009-11-11 00:00:00
oraclelinux
oraclelinux
kernel security and bug fix update
2009-09-30 00:00:00
Oracle Enterprise Linux 5.5 kernel security and bug fix update
2010-04-05 00:00:00
nessus
nessus
Fedora 10 : kernel-2.6.27.35-170.2.94.fc10 (2009-10165)
2009-10-05 00:00:00
Scientific Linux Security Update : kernel on SL3.x i386/x86_64
2012-08-01 00:00:00
Debian DSA-1929-1 : linux-2.6 - privilege escalation/denial of service/sensitive memory leak
2010-02-24 00:00:00
securityvulns
securityvulns
[SECURITY] [DSA 1915-1] New Linux 2.6.26 packages fix several vulnerabilities
2009-10-23 00:00:00
Linux kernel multiple security vulnerabilities
2009-11-08 00:00:00
osv
osv
linux-2.6 - several vulnerabilities
2009-11-05 00:00:00
linux-2.6 - several vulnerabilities
2009-10-22 00:00:00
linux-2.6.24 - several vulnerabilities
2009-11-05 00:00:00
debian
debian
[SECURITY] [DSA 1929-1] New Linux 2.6.18 packages fix several vulnerabilities
2009-11-06 00:51:43
[SECURITY] [DSA 1915-1] New Linux 2.6.26 packages fix several vulnerabilities
2009-10-23 15:58:04
[SECURITY] [DSA 1928-1] New Linux 2.6.24 packages fix several vulnerabilities
2009-11-05 22:03:48
fedora
fedora
[SECURITY] Fedora 10 Update: kernel-2.6.27.35-170.2.94.fc10
2009-10-03 18:56:05
ubuntu
ubuntu
Linux kernel vulnerabilities
2009-10-22 00:00:00

4.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:C/I:N/A:N

6.3 Medium

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

17.9%

JSON
Related for NVD:CVE-2009-3001
prion1cvelist1seebug1ubuntucve1cve1openvas18oraclelinux2nessus6securityvulns2osv3debian3fedora1ubuntu1