CVE-2009-1192Executive Summary
| Informations | |||
|---|---|---|---|
| Name | CVE-2009-1192 | First vendor Publication | 2009-04-24 |
| Vendor | Cve | Last vendor Modification | 2012-03-19 |
Security-Database Scoring CVSS v2
| Cvss vector : (AV:L/AC:L/Au:N/C:C/I:N/A:N) | |||
|---|---|---|---|
| Cvss Base Score | 4.9 | Attack Range | Local |
| Cvss Impact Score | 6.9 | Attack Complexity | Low |
| Cvss Expoit Score | 3.9 | Authentification | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
The (1) agp_generic_alloc_page and (2) agp_generic_alloc_pages functions in drivers/char/agp/generic.c in the agp subsystem in the Linux kernel before 2.6.30-rc3 do not zero out pages that may later be available to a user-space process, which allows local users to obtain sensitive information by reading these pages. |
Original Source
| Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1192 |
OVAL Definitions
| Definition Id: oval:org.mitre.oval:def:8003 | |||
| Oval ID: | oval:org.mitre.oval:def:8003 | ||
| Title: | VMware kernel agp subsystem vulnerability | ||
| Description: | The (1) agp_generic_alloc_page and (2) agp_generic_alloc_pages functions in drivers/char/agp/generic.c in the agp subsystem in the Linux kernel before 2.6.30-rc3 do not zero out pages that may later be available to a user-space process, which allows local users to obtain sensitive information by reading these pages. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2009-1192 |
Version: | 2 |
| Platform(s): | VMWare ESX Server 4 |
Product(s): | |
| Definition Synopsis: | |||
CPE : Common Platform Enumeration
Open Source Vulnerability Database (OSVDB)
| id | Description |
|---|---|
| 54379 | Linux Kernel agp Subsystem drivers/char/agp/generic.c Local Memory Disclosure |
Internal Sources (Detail)
Alert History
| Date | Informations |
|---|---|
| 2013-05-10 23:48:03 |
|
(Critical)
(High)
(Medium)
