Rapid7 Vulnerability & Exploit Database

SUSE Linux Security Vulnerability: CVE-2008-2729

Back to Search

SUSE Linux Security Vulnerability: CVE-2008-2729

Severity
5
CVSS
(AV:L/AC:L/Au:N/C:C/I:N/A:N)
Published
06/30/2008
Created
07/25/2018
Added
12/12/2013
Modified
06/21/2018

Description

arch/x86_64/lib/copy_user.S in the Linux kernel before 2.6.19 on some AMD64 systems does not erase destination memory locations after an exception during kernel memory copy, which allows local users to obtain sensitive information.

Solution(s)

  • suse-upgrade-kernel-debug
  • suse-upgrade-kernel-default
  • suse-upgrade-kernel-kdump
  • suse-upgrade-kernel-smp
  • suse-upgrade-kernel-source
  • suse-upgrade-kernel-syms
  • suse-upgrade-kernel-xen

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;