CVE-2010-3881

Published: Dec 23, 2010Modified: Apr 29, 2026

2.1

Vector

AV:L/AC:L/Au:N/C:P/I:N/A:N

Exploitability: 3.9 / Impact: 2.9

Source: NVD

Description

arch/x86/kvm/x86.c in the Linux kernel before 2.6.36.2 does not initialize certain structure members, which allows local users to obtain potentially sensitive information from kernel stack memory via read operations on the /dev/kvm device.

Affected (6)

Products: Linux: Linux Kernel · Redhat: Enterprise Linux Server, Enterprise Linux Workstation · Suse: Suse Linux Enterprise Desktop, Suse Linux Enterprise High Availability Extension, Suse Linux Enterprise Server

1 product

2 products

Enterprise Linux Server

Enterprise Linux Workstation

3 products

Suse Linux Enterprise Desktop

Suse Linux Enterprise High Availability Extension

Suse Linux Enterprise Server

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Linux Linux Kernel	Before 2.6.36.2

Configuration B

5 vulnerable

Vulnerable Software	Affected Versions
Redhat Enterprise Linux Server	Version 6.0
Redhat Enterprise Linux Workstation	Version 6.0
Suse Suse Linux Enterprise Desktop	Version 11 sp1
Suse Suse Linux Enterprise High Availability Extension	Version 11 sp1
Suse Suse Linux Enterprise Server	Version 11 sp1

Related CWEs

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (32)

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=97e69aa62f8b5d338d6cff49be09e37cc1262838

Source: secalert@redhat.com

http://git.kernel.org/?p=virt/kvm/kvm.git%3Ba=commit%3Bh=831d9d02f9522e739825a51a11e3bc5aa531a905

Source: secalert@redhat.com

http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00004.html

Source: secalert@redhat.com

Mailing ListThird Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html

Source: secalert@redhat.com

Mailing ListThird Party Advisory

http://openwall.com/lists/oss-security/2010/11/04/10

Source: secalert@redhat.com

Mailing ListPatchThird Party Advisory

http://openwall.com/lists/oss-security/2010/11/05/4

Source: secalert@redhat.com

Mailing ListPatchThird Party Advisory

http://rhn.redhat.com/errata/RHSA-2010-0998.html

Source: secalert@redhat.com

Third Party Advisory

http://secunia.com/advisories/42932

Source: secalert@redhat.com

Third Party Advisory

http://securitytracker.com/id?1024912

Source: secalert@redhat.com

Third Party AdvisoryVDB Entry

http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.36.2

Source: secalert@redhat.com

Release NotesVendor Advisory

http://www.securityfocus.com/bid/44666

Source: secalert@redhat.com

PatchThird Party AdvisoryVDB Entry

http://www.spinics.net/lists/kvm/msg44130.html

Source: secalert@redhat.com

PatchThird Party Advisory

http://www.vupen.com/english/advisories/2010/3287

Source: secalert@redhat.com

Permissions Required

http://www.vupen.com/english/advisories/2011/0124

Source: secalert@redhat.com

Permissions Required

http://www.vupen.com/english/advisories/2011/0298

Source: secalert@redhat.com

Permissions Required

https://bugzilla.redhat.com/show_bug.cgi?id=649920

Source: secalert@redhat.com

Issue TrackingPatchThird Party Advisory

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=97e69aa62f8b5d338d6cff49be09e37cc1262838

Source: af854a3a-2127-422b-91ae-364da2661108

http://git.kernel.org/?p=virt/kvm/kvm.git%3Ba=commit%3Bh=831d9d02f9522e739825a51a11e3bc5aa531a905

Source: af854a3a-2127-422b-91ae-364da2661108

http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00004.html

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

http://openwall.com/lists/oss-security/2010/11/04/10

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListPatchThird Party Advisory

http://openwall.com/lists/oss-security/2010/11/05/4

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListPatchThird Party Advisory

http://rhn.redhat.com/errata/RHSA-2010-0998.html

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

http://secunia.com/advisories/42932

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

http://securitytracker.com/id?1024912

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.36.2

Source: af854a3a-2127-422b-91ae-364da2661108

Release NotesVendor Advisory

http://www.securityfocus.com/bid/44666

Source: af854a3a-2127-422b-91ae-364da2661108

PatchThird Party AdvisoryVDB Entry

http://www.spinics.net/lists/kvm/msg44130.html

Source: af854a3a-2127-422b-91ae-364da2661108

PatchThird Party Advisory

http://www.vupen.com/english/advisories/2010/3287

Source: af854a3a-2127-422b-91ae-364da2661108

Permissions Required

http://www.vupen.com/english/advisories/2011/0124

Source: af854a3a-2127-422b-91ae-364da2661108

Permissions Required

http://www.vupen.com/english/advisories/2011/0298

Source: af854a3a-2127-422b-91ae-364da2661108

Permissions Required

https://bugzilla.redhat.com/show_bug.cgi?id=649920

Source: af854a3a-2127-422b-91ae-364da2661108

Issue TrackingPatchThird Party Advisory

Timeline

No history available yet.