CVE-2009-1192
Detail
Deferred
This CVE record is not being prioritized for NVD enrichment efforts due to resource or other concerns.
Description
The (1) agp_generic_alloc_page and (2) agp_generic_alloc_pages functions in drivers/char/agp/generic.c in the agp subsystem in the Linux kernel before 2.6.30-rc3 do not zero out pages that may later be available to a user-space process, which allows local users to obtain sensitive information by reading these pages.
Metrics
CVSS Version 4.0
CVSS Version 3.x
CVSS Version 2.0
NVD enrichment efforts reference publicly available information to associate
vector strings. CVSS information contributed by other sources is also
displayed.
CVSS 4.0 Severity and Vector Strings:
NVD assessment
not yet provided.
CVSS 3.x Severity and Vector Strings:
NVD assessment
not yet provided.
CVSS 2.0 Severity and Vector Strings:
Vector:
(AV:L/AC:L/Au:N/C:C/I:N/A:N)
References to Advisories, Solutions, and Tools
By selecting these links, you will be leaving NIST webspace.
We have provided these links to other web sites because they
may have information that would be of interest to you. No
inferences should be drawn on account of other sites being
referenced, or not, from this page. There may be other web
sites that are more appropriate for your purpose. NIST does
not necessarily endorse the views expressed, or concur with
the facts presented on these sites. Further, NIST does not
endorse any commercial products that may be mentioned on
these sites. Please address comments about this page to [email protected] .
URL
Source(s)
Tag(s)
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=59de2bebabc5027f93df999d59cc65df591c3e6e
CVE, Inc., Red Hat
http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00002.html
CVE, Inc., Red Hat
http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00005.html
CVE, Inc., Red Hat
http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00007.html
CVE, Inc., Red Hat
http://openwall.com/lists/oss-security/2009/04/22/2
CVE, Inc., Red Hat
http://secunia.com/advisories/34981
CVE, Inc., Red Hat
http://secunia.com/advisories/35011
CVE, Inc., Red Hat
http://secunia.com/advisories/35120
CVE, Inc., Red Hat
http://secunia.com/advisories/35121
CVE, Inc., Red Hat
http://secunia.com/advisories/35343
CVE, Inc., Red Hat
http://secunia.com/advisories/35387
CVE, Inc., Red Hat
http://secunia.com/advisories/35656
CVE, Inc., Red Hat
http://secunia.com/advisories/37351
CVE, Inc., Red Hat
http://secunia.com/advisories/37471
CVE, Inc., Red Hat
http://wiki.rpath.com/Advisories:rPSA-2009-0084
CVE, Inc., Red Hat
http://www.debian.org/security/2009/dsa-1787
CVE, Inc., Red Hat
http://www.debian.org/security/2009/dsa-1794
CVE, Inc., Red Hat
http://www.debian.org/security/2009/dsa-1800
CVE, Inc., Red Hat
http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.30-rc3
CVE, Inc., Red Hat
Patch
Vendor Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2009:119
CVE, Inc., Red Hat
http://www.mandriva.com/security/advisories?name=MDVSA-2009:135
CVE, Inc., Red Hat
http://www.redhat.com/support/errata/RHSA-2009-1081.html
CVE, Inc., Red Hat
http://www.securityfocus.com/archive/1/503610/100/0/threaded
CVE, Inc., Red Hat
http://www.securityfocus.com/archive/1/507985/100/0/threaded
CVE, Inc., Red Hat
http://www.securityfocus.com/bid/34673
CVE, Inc., Red Hat
Patch
http://www.ubuntu.com/usn/usn-793-1
CVE, Inc., Red Hat
http://www.vmware.com/security/advisories/VMSA-2009-0016.html
CVE, Inc., Red Hat
http://www.vupen.com/english/advisories/2009/3316
CVE, Inc., Red Hat
https://bugzilla.redhat.com/show_bug.cgi?id=497020
CVE, Inc., Red Hat
Patch
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10567
CVE, Inc., Red Hat
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8003
CVE, Inc., Red Hat
Weakness Enumeration
CWE-ID
CWE Name
Source
NVD-CWE-Other
Other
NIST  
Change History
6 change records found show changes
CVE Modified by CVE 11/20/2024 8:01:52 PM
Action
Type
Old Value
New Value
Added
Reference
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=59de2bebabc5027f93df999d59cc65df591c3e6e
Added
Reference
http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00002.html
Added
Reference
http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00005.html
Added
Reference
http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00007.html
Added
Reference
http://openwall.com/lists/oss-security/2009/04/22/2
Added
Reference
http://secunia.com/advisories/34981
Added
Reference
http://secunia.com/advisories/35011
Added
Reference
http://secunia.com/advisories/35120
Added
Reference
http://secunia.com/advisories/35121
Added
Reference
http://secunia.com/advisories/35343
Added
Reference
http://secunia.com/advisories/35387
Added
Reference
http://secunia.com/advisories/35656
Added
Reference
http://secunia.com/advisories/37351
Added
Reference
http://secunia.com/advisories/37471
Added
Reference
http://wiki.rpath.com/Advisories:rPSA-2009-0084
Added
Reference
http://www.debian.org/security/2009/dsa-1787
Added
Reference
http://www.debian.org/security/2009/dsa-1794
Added
Reference
http://www.debian.org/security/2009/dsa-1800
Added
Reference
http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.30-rc3
Added
Reference
http://www.mandriva.com/security/advisories?name=MDVSA-2009:119
Added
Reference
http://www.mandriva.com/security/advisories?name=MDVSA-2009:135
Added
Reference
http://www.redhat.com/support/errata/RHSA-2009-1081.html
Added
Reference
http://www.securityfocus.com/archive/1/503610/100/0/threaded
Added
Reference
http://www.securityfocus.com/archive/1/507985/100/0/threaded
Added
Reference
http://www.securityfocus.com/bid/34673
Added
Reference
http://www.ubuntu.com/usn/usn-793-1
Added
Reference
http://www.vmware.com/security/advisories/VMSA-2009-0016.html
Added
Reference
http://www.vupen.com/english/advisories/2009/3316
Added
Reference
https://bugzilla.redhat.com/show_bug.cgi?id=497020
Added
Reference
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10567
Added
Reference
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8003
CVE Modified by Red Hat, Inc. 5/13/2024 10:05:49 PM
Action
Type
Old Value
New Value
CVE Modified by Red Hat, Inc. 2/12/2023 8:17:22 PM
Action
Type
Old Value
New Value
Added
Reference
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=59de2bebabc5027f93df999d59cc65df591c3e6e [No Types Assigned]
Removed
Reference
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=59de2bebabc5027f93df999d59cc65df591c3e6e [Vendor Advisory]
CVE Modified by Red Hat, Inc. 10/10/2018 3:34:51 PM
Action
Type
Old Value
New Value
Added
Reference
http://www.securityfocus.com/archive/1/503610/100/0/threaded [No Types Assigned]
Added
Reference
http://www.securityfocus.com/archive/1/507985/100/0/threaded [No Types Assigned]
Removed
Reference
http://www.securityfocus.com/archive/1/archive/1/503610/100/0/threaded [No Types Assigned]
Removed
Reference
http://www.securityfocus.com/archive/1/archive/1/507985/100/0/threaded [No Types Assigned]
CVE Modified by Red Hat, Inc. 9/28/2017 9:34:14 PM
Action
Type
Old Value
New Value
Added
Reference
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10567 [No Types Assigned]
Added
Reference
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8003 [No Types Assigned]
Removed
Reference
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10567 [No Types Assigned]
Removed
Reference
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:8003 [No Types Assigned]
Initial CVE Analysis 4/27/2009 9:44:00 AM
Action
Type
Old Value
New Value
Quick Info
CVE Dictionary Entry: CVE-2009-1192 NVD
Published Date: 04/24/2009 NVD
Last Modified: 04/08/2025
Source: Red Hat, Inc.