Information exposure in Linux kernel - CVE-2010-0003

Detailed vulnerability description

The vulnerability allows a local user to access sensitive information or perform a denial of service (DoS) attack.

The vulnerability exists due to information exposure error. A local user can access sensitive information or perform a denial of service (DoS) attack.

How to mitigate CVE-2010-0003

Sources

• http://lists.fedoraproject.org/pipermail/package-announce/2010-January/034250.html
• http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.32.4
• https://bugzilla.redhat.com/show_bug.cgi?id=554578
• http://www.openwall.com/lists/oss-security/2010/01/12/1
• http://www.openwall.com/lists/oss-security/2010/01/13/4
• http://secunia.com/advisories/38333
• http://patchwork.kernel.org/patch/69752/
• http://www.debian.org/security/2010/dsa-1996
• http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00002.html
• http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00005.html
• http://secunia.com/advisories/38492
• https://rhn.redhat.com/errata/RHSA-2010-0146.html
• http://www.debian.org/security/2010/dsa-2005
• http://www.securityfocus.com/bid/37724
• http://www.redhat.com/support/errata/RHSA-2010-0161.html
• http://www.redhat.com/support/errata/RHSA-2010-0147.html
• http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00000.html
• http://secunia.com/advisories/38779
• http://secunia.com/advisories/39033
• http://www.vmware.com/security/advisories/VMSA-2011-0003.html
• http://secunia.com/advisories/43315
• https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10550
• http://www.securityfocus.com/archive/1/516397/100/0/threaded
• http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=b45c6e76bc2c72f6426c14bed64fdcbc9bf37cb0