Home > Vulnerability Database > CVE-2008-2729

Mend.io Vulnerability Database

CVE-2008-2729

Date: June 30, 2008

arch/x86_64/lib/copy_user.S in the Linux kernel before 2.6.19 on some AMD64 systems does not erase destination memory locations after an exception during kernel memory copy, which allows local users to obtain sensitive information.

Severity Score

6.2

Related Resources (21)

Url: http://secunia.com/advisories/31551

Url: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=3022d734a54cbd2b65eea9a024564821101b4a9a%3Bhp=f0f4c3432e5e1087b3a8c0e6bd4113d3c37497ff

Url: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11571

Url: http://www.securitytracker.com/id?1020364

Url: https://nvd.nist.gov/vuln/detail/CVE-2008-2729

Url: http://secunia.com/advisories/31107

Url: http://www.securityfocus.com/bid/29943

Url: http://secunia.com/advisories/30850

Url: https://exchange.xforce.ibmcloud.com/vulnerabilities/43558

Url: https://bugzilla.redhat.com/show_bug.cgi?id=451271

Url: https://access.redhat.com/security/cve/CVE-2008-2729

Url: http://secunia.com/advisories/30849

Url: http://www.mandriva.com/security/advisories?name=MDVSA-2008:174

Url: http://www.ubuntu.com/usn/usn-625-1

Url: https://people.canonical.com/~ubuntu-security/cve/CVE-2008-2729

Url: http://rhn.redhat.com/errata/RHSA-2008-0508.html

Url: http://www.debian.org/security/2008/dsa-1630

Url: http://secunia.com/advisories/31628

Url: http://www.redhat.com/support/errata/RHSA-2008-0519.html

Url: http://www.redhat.com/support/errata/RHSA-2008-0585.html

Url: https://www.mend.io/vulnerability-database/CVE-2008-2729

Severity Score

6.2

Weakness Type (CWE)

Information Leak / Disclosure

CWE-200

CVSS v3.1

Base Score:	6.2
Attack Vector (AV):	LOCAL
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	HIGH
Integrity (I):	NONE
Availability (A):	NONE

CVSS v2

Base Score:	4.9
Access Vector (AV):	LOCAL
Access Complexity (AC):	LOW
Authentication (AU):	NONE
Confidentiality (C):	COMPLETE
Integrity (I):	NONE
Availability (A):	NONE
Additional information:

Mend.io Vulnerability Database

We found results for “”

CVE-2008-2729

Date: June 30, 2008

Severity Score

Related Resources (21)

Severity Score

Weakness Type (CWE)

CVSS v3.1

CVSS v2

Do you need more information?