Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
NVD Vulnerability Details :
CVE-2010-2942
Deferred
More InfoOfficial Page
Source-secalert@redhat.com
View Known Exploited Vulnerability (KEV) details
Published At-21 Sep, 2010 | 18:00
Updated At-11 Apr, 2025 | 00:51

The actions implementation in the network queueing functionality in the Linux kernel before 2.6.36-rc2 does not properly initialize certain structure members when performing dump operations, which allows local users to obtain potentially sensitive information from kernel memory via vectors related to (1) the tcf_gact_dump function in net/sched/act_gact.c, (2) the tcf_mirred_dump function in net/sched/act_mirred.c, (3) the tcf_nat_dump function in net/sched/act_nat.c, (4) the tcf_simp_dump function in net/sched/act_simple.c, and (5) the tcf_skbedit_dump function in net/sched/act_skbedit.c.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.15.5MEDIUM
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Primary2.02.1LOW
AV:L/AC:L/Au:N/C:P/I:N/A:N
CPE Matches
Linux Kernel Organization, Inc
linux
>>linux_kernel>>Versions up to 2.6.35.13(inclusive)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.6.36
cpe:2.3:o:linux:linux_kernel:2.6.36:-:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>2.6.36
cpe:2.3:o:linux:linux_kernel:2.6.36:rc1:*:*:*:*:*:*
Canonical Ltd.
canonical
>>ubuntu_linux>>6.06
cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*
Canonical Ltd.
canonical
>>ubuntu_linux>>8.04
cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:*:*:*:*
Canonical Ltd.
canonical
>>ubuntu_linux>>9.04
cpe:2.3:o:canonical:ubuntu_linux:9.04:*:*:*:*:*:*:*
Canonical Ltd.
canonical
>>ubuntu_linux>>9.10
cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*
Canonical Ltd.
canonical
>>ubuntu_linux>>10.04
cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*
Canonical Ltd.
canonical
>>ubuntu_linux>>10.10
cpe:2.3:o:canonical:ubuntu_linux:10.10:*:*:*:*:*:*:*
openSUSE
opensuse
>>opensuse>>11.1
cpe:2.3:o:opensuse:opensuse:11.1:*:*:*:*:*:*:*
openSUSE
opensuse
>>opensuse>>11.3
cpe:2.3:o:opensuse:opensuse:11.3:*:*:*:*:*:*:*
SUSE
suse
>>suse_linux_enterprise_desktop>>10
cpe:2.3:o:suse:suse_linux_enterprise_desktop:10:sp3:*:*:*:*:*:*
SUSE
suse
>>suse_linux_enterprise_desktop>>11
cpe:2.3:o:suse:suse_linux_enterprise_desktop:11:-:*:*:*:*:*:*
SUSE
suse
>>suse_linux_enterprise_desktop>>11
cpe:2.3:o:suse:suse_linux_enterprise_desktop:11:sp1:*:*:*:*:*:*
SUSE
suse
>>suse_linux_enterprise_server>>10
cpe:2.3:o:suse:suse_linux_enterprise_server:10:sp3:*:*:*:*:*:*
SUSE
suse
>>suse_linux_enterprise_server>>11
cpe:2.3:o:suse:suse_linux_enterprise_server:11:-:*:*:*:*:*:*
SUSE
suse
>>suse_linux_enterprise_server>>11
cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp1:*:*:*:*:*:*
Avaya LLC
avaya
>>aura_communication_manager>>5.2
cpe:2.3:a:avaya:aura_communication_manager:5.2:*:*:*:*:*:*:*
Avaya LLC
avaya
>>aura_presence_services>>6.0
cpe:2.3:a:avaya:aura_presence_services:6.0:*:*:*:*:*:*:*
Avaya LLC
avaya
>>aura_presence_services>>6.1
cpe:2.3:a:avaya:aura_presence_services:6.1:*:*:*:*:*:*:*
Avaya LLC
avaya
>>aura_presence_services>>6.1.1
cpe:2.3:a:avaya:aura_presence_services:6.1.1:*:*:*:*:*:*:*
Avaya LLC
avaya
>>aura_session_manager>>1.1
cpe:2.3:a:avaya:aura_session_manager:1.1:*:*:*:*:*:*:*
Avaya LLC
avaya
>>aura_session_manager>>5.2
cpe:2.3:a:avaya:aura_session_manager:5.2:*:*:*:*:*:*:*
Avaya LLC
avaya
>>aura_session_manager>>6.0
cpe:2.3:a:avaya:aura_session_manager:6.0:*:*:*:*:*:*:*
Avaya LLC
avaya
>>aura_system_manager>>5.2
cpe:2.3:a:avaya:aura_system_manager:5.2:*:*:*:*:*:*:*
Avaya LLC
avaya
>>aura_system_manager>>6.0
cpe:2.3:a:avaya:aura_system_manager:6.0:*:*:*:*:*:*:*
Avaya LLC
avaya
>>aura_system_manager>>6.1
cpe:2.3:a:avaya:aura_system_manager:6.1:*:*:*:*:*:*:*
Avaya LLC
avaya
>>aura_system_manager>>6.1.1
cpe:2.3:a:avaya:aura_system_manager:6.1.1:*:*:*:*:*:*:*
Avaya LLC
avaya
>>aura_system_platform>>1.1
cpe:2.3:a:avaya:aura_system_platform:1.1:*:*:*:*:*:*:*
Avaya LLC
avaya
>>aura_system_platform>>6.0
cpe:2.3:a:avaya:aura_system_platform:6.0:-:*:*:*:*:*:*
Avaya LLC
avaya
>>aura_system_platform>>6.0
cpe:2.3:a:avaya:aura_system_platform:6.0:sp1:*:*:*:*:*:*
Avaya LLC
avaya
>>iq>>5.0
cpe:2.3:a:avaya:iq:5.0:*:*:*:*:*:*:*
Avaya LLC
avaya
>>iq>>5.1
cpe:2.3:a:avaya:iq:5.1:*:*:*:*:*:*:*
Avaya LLC
avaya
>>voice_portal>>5.0
cpe:2.3:a:avaya:voice_portal:5.0:*:*:*:*:*:*:*
Avaya LLC
avaya
>>voice_portal>>5.1
cpe:2.3:a:avaya:voice_portal:5.1:-:*:*:*:*:*:*
Avaya LLC
avaya
>>voice_portal>>5.1
cpe:2.3:a:avaya:voice_portal:5.1:sp1:*:*:*:*:*:*
VMware (Broadcom Inc.)
vmware
>>esx>>4.0
cpe:2.3:o:vmware:esx:4.0:*:*:*:*:*:*:*
VMware (Broadcom Inc.)
vmware
>>esx>>4.1
cpe:2.3:o:vmware:esx:4.1:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-401Primarynvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://git.kernel.org/?p=linux/kernel/git/davem/net-2.6.git%3Ba=commit%3Bh=1c40be12f7d8ca1d387510d39787b12e512a7ce8secalert@redhat.com
N/A
http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00004.htmlsecalert@redhat.com
Mailing List
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00005.htmlsecalert@redhat.com
Mailing List
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00000.htmlsecalert@redhat.com
Mailing List
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00004.htmlsecalert@redhat.com
Mailing List
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.htmlsecalert@redhat.com
Mailing List
Third Party Advisory
http://patchwork.ozlabs.org/patch/61857/secalert@redhat.com
Mailing List
Patch
Third Party Advisory
http://secunia.com/advisories/41512secalert@redhat.com
Broken Link
http://secunia.com/advisories/46397secalert@redhat.com
Broken Link
http://support.avaya.com/css/P8/documents/100113326secalert@redhat.com
Third Party Advisory
http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.36-rc2secalert@redhat.com
Broken Link
http://www.openwall.com/lists/oss-security/2010/08/18/1secalert@redhat.com
Mailing List
Patch
Third Party Advisory
http://www.openwall.com/lists/oss-security/2010/08/19/4secalert@redhat.com
Mailing List
Patch
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2010-0723.htmlsecalert@redhat.com
Broken Link
http://www.redhat.com/support/errata/RHSA-2010-0771.htmlsecalert@redhat.com
Broken Link
http://www.redhat.com/support/errata/RHSA-2010-0779.htmlsecalert@redhat.com
Broken Link
http://www.securityfocus.com/archive/1/520102/100/0/threadedsecalert@redhat.com
Third Party Advisory
VDB Entry
http://www.securityfocus.com/bid/42529secalert@redhat.com
Third Party Advisory
VDB Entry
http://www.ubuntu.com/usn/USN-1000-1secalert@redhat.com
Third Party Advisory
http://www.vmware.com/security/advisories/VMSA-2011-0012.htmlsecalert@redhat.com
Third Party Advisory
http://www.vupen.com/english/advisories/2010/2430secalert@redhat.com
Broken Link
http://www.vupen.com/english/advisories/2011/0298secalert@redhat.com
Broken Link
https://bugzilla.redhat.com/show_bug.cgi?id=624903secalert@redhat.com
Issue Tracking
Patch
Third Party Advisory
http://git.kernel.org/?p=linux/kernel/git/davem/net-2.6.git%3Ba=commit%3Bh=1c40be12f7d8ca1d387510d39787b12e512a7ce8af854a3a-2127-422b-91ae-364da2661108
N/A
http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00004.htmlaf854a3a-2127-422b-91ae-364da2661108
Mailing List
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00005.htmlaf854a3a-2127-422b-91ae-364da2661108
Mailing List
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00000.htmlaf854a3a-2127-422b-91ae-364da2661108
Mailing List
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00004.htmlaf854a3a-2127-422b-91ae-364da2661108
Mailing List
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.htmlaf854a3a-2127-422b-91ae-364da2661108
Mailing List
Third Party Advisory
http://patchwork.ozlabs.org/patch/61857/af854a3a-2127-422b-91ae-364da2661108
Mailing List
Patch
Third Party Advisory
http://secunia.com/advisories/41512af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://secunia.com/advisories/46397af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://support.avaya.com/css/P8/documents/100113326af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.36-rc2af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://www.openwall.com/lists/oss-security/2010/08/18/1af854a3a-2127-422b-91ae-364da2661108
Mailing List
Patch
Third Party Advisory
http://www.openwall.com/lists/oss-security/2010/08/19/4af854a3a-2127-422b-91ae-364da2661108
Mailing List
Patch
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2010-0723.htmlaf854a3a-2127-422b-91ae-364da2661108
Broken Link
http://www.redhat.com/support/errata/RHSA-2010-0771.htmlaf854a3a-2127-422b-91ae-364da2661108
Broken Link
http://www.redhat.com/support/errata/RHSA-2010-0779.htmlaf854a3a-2127-422b-91ae-364da2661108
Broken Link
http://www.securityfocus.com/archive/1/520102/100/0/threadedaf854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
VDB Entry
http://www.securityfocus.com/bid/42529af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
VDB Entry
http://www.ubuntu.com/usn/USN-1000-1af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.vmware.com/security/advisories/VMSA-2011-0012.htmlaf854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.vupen.com/english/advisories/2010/2430af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://www.vupen.com/english/advisories/2011/0298af854a3a-2127-422b-91ae-364da2661108
Broken Link
https://bugzilla.redhat.com/show_bug.cgi?id=624903af854a3a-2127-422b-91ae-364da2661108
Issue Tracking
Patch
Third Party Advisory
Change History
0Changes found
Details not found