The kernel is vulnerable to Information Disclosure. Due to missing initialization flaws found in the Linux kernel, padding data in several core network structures was not initialized properly before being sent to user-space. These flaws could lead to information leaks.
git.kernel.org/?p=linux/kernel/git/stable/linux-2.4.37.y.git;a=commit;h=096ed17f20affc2db0e307658c69b67433992a7a
git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=16ebb5e0b36ceadc8186f71d68b0c4fa4b6e781b
kbase.redhat.com/faq/docs/DOC-18042
lists.vmware.com/pipermail/security-announce/2010/000082.html
patchwork.ozlabs.org/patch/32830/
secunia.com/advisories/37084
secunia.com/advisories/38794
secunia.com/advisories/38834
www.kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.37.6
www.kernel.org/pub/linux/kernel/v2.6/testing/v2.6.31/ChangeLog-2.6.31-rc9
www.mandriva.com/security/advisories?name=MDVSA-2010:198
www.openwall.com/lists/oss-security/2009/09/03/1
www.openwall.com/lists/oss-security/2009/09/05/2
www.openwall.com/lists/oss-security/2009/09/06/2
www.openwall.com/lists/oss-security/2009/09/07/2
www.openwall.com/lists/oss-security/2009/09/17/1
www.openwall.com/lists/oss-security/2009/09/17/9
www.redhat.com/security/updates/classification/#important
www.redhat.com/support/errata/RHSA-2009-1522.html
www.securitytracker.com/id?1023073
www.ubuntu.com/usn/usn-864-1
www.vupen.com/english/advisories/2010/0528
access.redhat.com/errata/RHSA-2009:1548
bugzilla.redhat.com/show_bug.cgi?id=520990
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6757
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9409
rhn.redhat.com/errata/RHSA-2009-1540.html
rhn.redhat.com/errata/RHSA-2009-1548.html