Vulnerability Description
The actions implementation in the network queueing functionality in the Linux kernel before 2.6.36-rc2 does not properly initialize certain structure members when performing dump operations, which allows local users to obtain potentially sensitive information from kernel memory via vectors related to (1) the tcf_gact_dump function in net/sched/act_gact.c, (2) the tcf_mirred_dump function in net/sched/act_mirred.c, (3) the tcf_nat_dump function in net/sched/act_nat.c, (4) the tcf_simp_dump function in net/sched/act_simple.c, and (5) the tcf_skbedit_dump function in net/sched/act_skbedit.c.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | <= 2.6.35.13 |
| Canonical | Ubuntu Linux | 6.06 |
| Opensuse | Opensuse | 11.1 |
| Suse | Suse Linux Enterprise Desktop | 10 |
| Suse | Suse Linux Enterprise Server | 10 |
| Avaya | Aura Communication Manager | 5.2 |
| Avaya | Aura Presence Services | 6.0 |
| Avaya | Aura Session Manager | 1.1 |
| Avaya | Aura System Manager | 5.2 |
| Avaya | Aura System Platform | 1.1 |
| Avaya | Iq | 5.0 |
| Avaya | Voice Portal | 5.0 |
| Vmware | Esx | 4.0 |
Related Weaknesses (CWE)
References
- http://git.kernel.org/?p=linux/kernel/git/davem/net-2.6.git%3Ba=commit%3Bh=1c40b
- http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00004.htmlMailing ListThird Party Advisory
- http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00005.htmlMailing ListThird Party Advisory
- http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00000.htmlMailing ListThird Party Advisory
- http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00004.htmlMailing ListThird Party Advisory
- http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.htmlMailing ListThird Party Advisory
- http://patchwork.ozlabs.org/patch/61857/Mailing ListPatchThird Party Advisory
- http://secunia.com/advisories/41512Broken Link
- http://secunia.com/advisories/46397Broken Link
- http://support.avaya.com/css/P8/documents/100113326Third Party Advisory
- http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.36-rc2Broken Link
- http://www.openwall.com/lists/oss-security/2010/08/18/1Mailing ListPatchThird Party Advisory
- http://www.openwall.com/lists/oss-security/2010/08/19/4Mailing ListPatchThird Party Advisory
- http://www.redhat.com/support/errata/RHSA-2010-0723.htmlBroken Link
- http://www.redhat.com/support/errata/RHSA-2010-0771.htmlBroken Link
FAQ
What is CVE-2010-2942?
CVE-2010-2942 is a vulnerability with a CVSS score of 5.5 (MEDIUM). The actions implementation in the network queueing functionality in the Linux kernel before 2.6.36-rc2 does not properly initialize certain structure members when performing dump operations, which all...
How severe is CVE-2010-2942?
CVE-2010-2942 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2010-2942?
Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel, Canonical Ubuntu Linux, Opensuse Opensuse, Suse Suse Linux Enterprise Desktop, Suse Suse Linux Enterprise Server.