Vulnerability Details : CVE-2008-2729
arch/x86_64/lib/copy_user.S in the Linux kernel before 2.6.19 on some AMD64 systems does not erase destination memory locations after an exception during kernel memory copy, which allows local users to obtain sensitive information.
Vulnerability category: Information leak
Products affected by CVE-2008-2729
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Threat overview for CVE-2008-2729
Top countries where our scanners detected CVE-2008-2729
Top open port discovered on systems with this issue
80
IPs affected by CVE-2008-2729 1,001
Threat actors abusing to this issue?
Yes
Find out if you* are
affected by CVE-2008-2729!
*Directly or indirectly through your vendors, service providers and 3rd parties.
Powered by
attack surface intelligence
from SecurityScorecard.
Exploit prediction scoring system (EPSS) score for CVE-2008-2729
0.04%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 8 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2008-2729
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
4.9
|
MEDIUM | AV:L/AC:L/Au:N/C:C/I:N/A:N |
3.9
|
6.9
|
NIST |
CWE ids for CVE-2008-2729
-
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.Assigned by: nvd@nist.gov (Primary)
References for CVE-2008-2729
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11571
Tool Signature
-
http://www.debian.org/security/2008/dsa-1630
Third Party Advisory
-
http://www.ubuntu.com/usn/usn-625-1
Third Party Advisory
-
http://www.securityfocus.com/bid/29943
Third Party Advisory;VDB Entry
-
https://bugzilla.redhat.com/show_bug.cgi?id=451271
Issue Tracking;Third Party Advisory
-
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=3022d734a54cbd2b65eea9a024564821101b4a9a;hp=f0f4c3432e5e1087b3a8c0e6bd4113d3c37497ff
Exploit;Vendor Advisory
-
http://www.redhat.com/support/errata/RHSA-2008-0519.html
Broken Link
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/43558
Third Party Advisory;VDB Entry
-
http://rhn.redhat.com/errata/RHSA-2008-0508.html
RHSA-2008:0508 - Security Advisory - Red Hat Customer PortalThird Party Advisory
-
http://www.mandriva.com/security/advisories?name=MDVSA-2008:174
Broken Link
-
http://www.securitytracker.com/id?1020364
Third Party Advisory;VDB Entry
-
http://www.redhat.com/support/errata/RHSA-2008-0585.html
Broken Link
Jump to