Severity : Medium Published : 2009-10-19 Modified : 2012-03-19 Base Score : 4.9 Details : The tc_fill_tclass function in net/sched/sch_api.c in the tc subsystem in the Linux kernel 2.4.x before 2.4.37.6 and 2.6.x before 2.6.31-rc9 does not initialize certain (1) tcm__pad1 and (2) tcm__pad2 structure members, which might allow local users to obtain sensitive information from kernel memory via unspecified vectors. Product/Version : Pro 4.x   CGE 4.x   Mobilinux 4.x   Professional PRO 5.0   Professional PRO 5.0   CGE 5.x   Mobilinux 5.x

CVE-2009-5064 CVE-2009-4895 CVE-2009-4881 CVE-2009-4880 CVE-2009-4537 CVE-2009-4410 CVE-2009-4377 CVE-2009-4355 CVE-2009-4308 CVE-2009-4307 CVE-2009-4272 CVE-2009-4141 CVE-2009-4135 CVE-2009-4134 CVE-2009-4131 CVE-2009-4029 CVE-2009-4022 CVE-2009-4021 CVE-2009-4017 CVE-2009-4005 CVE-2009-3889 CVE-2009-3767 CVE-2009-3736 CVE-2009-3726 CVE-2009-3720 CVE-2009-3639 CVE-2009-3621 CVE-2009-3620 CVE-2009-3612 CVE-2009-3563 CVE-2009-3560 CVE-2009-3559 CVE-2009-3558 CVE-2009-3557 CVE-2009-3555 CVE-2009-3550 CVE-2009-3547 CVE-2009-3490 CVE-2009-3245 CVE-2009-3238 CVE-2009-3230 CVE-2009-3228 CVE-2009-3095 CVE-2009-3094 CVE-2009-3080 CVE-2009-3002 CVE-2009-3001 CVE-2009-2910 CVE-2009-2909 CVE-2009-2908 CVE-2009-2903 CVE-2009-2849 CVE-2009-2848 CVE-2009-2847 CVE-2009-2730 CVE-2009-2563 CVE-2009-2562 CVE-2009-2560 CVE-2009-2417 CVE-2009-2412 CVE-2009-2409 CVE-2009-2042 CVE-2009-1895 CVE-2009-1891 CVE-2009-1890 CVE-2009-1632 CVE-2009-1630 CVE-2009-1574 CVE-2009-1417 CVE-2009-1389 CVE-2009-1387 CVE-2009-1386 CVE-2009-1377 CVE-2009-1337 CVE-2009-1297 CVE-2009-1269 CVE-2009-1268 CVE-2009-1267 CVE-2009-1265 CVE-2009-1252 CVE-2009-1210 CVE-2009-1196 CVE-2009-1195 CVE-2009-1194 CVE-2009-1192 CVE-2009-0949 CVE-2009-0887 CVE-2009-0859 CVE-2009-0835 CVE-2009-0834 CVE-2009-0798 CVE-2009-0791 CVE-2009-0778 CVE-2009-0316 CVE-2009-0217 CVE-2009-0163 CVE-2009-0159 CVE-2009-0028 CVE-2009-0021