CVE - CVE-2009-1192

CVE-ID
CVE-2009-1192	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
The (1) agp_generic_alloc_page and (2) agp_generic_alloc_pages functions in drivers/char/agp/generic.c in the agp subsystem in the Linux kernel before 2.6.30-rc3 do not zero out pages that may later be available to a user-space process, which allows local users to obtain sensitive information by reading these pages.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MISC:20090516 rPSA-2009-0084-1 kernel URL:http://www.securityfocus.com/archive/1/503610/100/0/threaded MISC:20091120 VMSA-2009-0016 VMware vCenter and ESX update release and vMA patch release address multiple security issue in third party components URL:http://www.securityfocus.com/archive/1/507985/100/0/threaded MISC:34673 URL:http://www.securityfocus.com/bid/34673 MISC:34981 URL:http://secunia.com/advisories/34981 MISC:35011 URL:http://secunia.com/advisories/35011 MISC:35120 URL:http://secunia.com/advisories/35120 MISC:35121 URL:http://secunia.com/advisories/35121 MISC:35343 URL:http://secunia.com/advisories/35343 MISC:35387 URL:http://secunia.com/advisories/35387 MISC:35656 URL:http://secunia.com/advisories/35656 MISC:37351 URL:http://secunia.com/advisories/37351 MISC:37471 URL:http://secunia.com/advisories/37471 MISC:ADV-2009-3316 URL:~~http://www.vupen.com/english/advisories/2009/3316~~ (Obsolete source) MISC:DSA-1787 URL:http://www.debian.org/security/2009/dsa-1787 MISC:DSA-1794 URL:http://www.debian.org/security/2009/dsa-1794 MISC:DSA-1800 URL:http://www.debian.org/security/2009/dsa-1800 MISC:MDVSA-2009:119 URL:~~http://www.mandriva.com/security/advisories?name=MDVSA-2009:119~~ (Obsolete source) MISC:MDVSA-2009:135 URL:~~http://www.mandriva.com/security/advisories?name=MDVSA-2009:135~~ (Obsolete source) MISC:RHSA-2009:1081 URL:http://www.redhat.com/support/errata/RHSA-2009-1081.html MISC:SUSE-SA:2009:032 URL:http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00002.html MISC:SUSE-SA:2009:054 URL:http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00005.html MISC:SUSE-SA:2009:056 URL:http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00007.html MISC:USN-793-1 URL:http://www.ubuntu.com/usn/usn-793-1 MISC:[oss-security] 20090422 CVE-2009-1192 kernel: agp: zero pages before sending to userspace URL:http://openwall.com/lists/oss-security/2009/04/22/2 MISC:http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=59de2bebabc5027f93df999d59cc65df591c3e6e URL:http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=59de2bebabc5027f93df999d59cc65df591c3e6e MISC:http://wiki.rpath.com/Advisories:rPSA-2009-0084 URL:http://wiki.rpath.com/Advisories:rPSA-2009-0084 MISC:http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.30-rc3 URL:http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.30-rc3 MISC:http://www.vmware.com/security/advisories/VMSA-2009-0016.html URL:http://www.vmware.com/security/advisories/VMSA-2009-0016.html MISC:https://bugzilla.redhat.com/show_bug.cgi?id=497020 URL:https://bugzilla.redhat.com/show_bug.cgi?id=497020 MISC:oval:org.mitre.oval:def:10567 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10567 MISC:oval:org.mitre.oval:def:8003 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8003
Assigning CNA
Red Hat, Inc.
Date Record Created
20090331	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20090331)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)