CVE-2010-3881

CVSS v2.0 2.1 (Low)

EPSS 0.04 % (11^th)

Affected Products 6

Advisories 10

arch/x86/kvm/x86.c in the Linux kernel before 2.6.36.2 does not initialize certain structure members, which allows local users to obtain potentially sensitive information from kernel stack memory via read operations on the /dev/kvm device.

Weaknesses

CWE-200: Exposure of Sensitive Information to an Unauthorized Actor

CVE Status: PUBLISHED
CNA: Red Hat, Inc.
Published Date: 2010-12-23 18:00:02
(13 years ago)
Updated Date: 2023-02-13 04:27:27
(19 months ago)

Affected Products

Linux

Linux Kernel

Redhat

Suse

Configuration #1

		CPE23	From	Up To
	Linux Kernel prior 2.6.36.2 version	cpe:2.3:o:linux:linux_kernel		< 2.6.36.2

Configuration #2

		CPE23	From	Up To
	Redhat Enterprise Linux Server 6.0	cpe:2.3:o:redhat:enterprise_linux_server:6.0
	Redhat Enterprise Linux Workstation 6.0	cpe:2.3:o:redhat:enterprise_linux_workstation:6.0
	Suse Linux Enterprise Desktop 11 SP1	cpe:2.3:o:suse:suse_linux_enterprise_desktop:11:sp1
	Suse Linux Enterprise High Availability Extension 11 SP1	cpe:2.3:o:suse:suse_linux_enterprise_high_availability_extension:11:sp1
	Suse Linux Enterprise Server 11 SP1	cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp1