Bugzilla: 526788: CVE-2009-2910 kernel: x86_64 32 bit process register leak
The MITRE CVE dictionary describes this issue as:
arch/x86/ia32/ia32entry.S in the Linux kernel before 188.8.131.52 on the x86_64 platform does not clear certain kernel registers before a return to user mode, which allows local users to read register values from an earlier process by switching an ia32 process to 64-bit mode.
Red Hat is aware of this issue and is tracking it via the following bug: https://bugzilla.redhat.com/CVE-2009-2910
It has been rated as having moderate security impact.
It was addressed in Red Hat Enterprise Linux 4, 5 and Red Hat Enterprise MRG via: https://rhn.redhat.com/errata/RHSA-2009-1671.html, https://rhn.redhat.com/errata/RHSA-2010-0046.html and https://rhn.redhat.com/errata/RHSA-2009-1540.html respectively.
This issue is not planned to be fixed in Red Hat Enterprise Linux 3, due to this product being in Production 3 of its maintenance life-cycle, where only qualified security errata of important and critical impact are addressed.
For further information about Errata Support Policy, visit: http://www.redhat.com/security/updates/errata/
Red Hat security errata
| Platform | Errata | Release date |
|---|---|---|
| MRG Grid for RHEL 5 Server (kernel-rt) | RHSA-2009:1540 | November 03, 2009 |
| Red Hat Enterprise Linux version 4 (kernel) | RHSA-2009:1671 | December 15, 2009 |
| Red Hat Enterprise Linux version 5 (kernel) | RHSA-2010:0046 | January 19, 2010 |
This page is generated automatically and has not been checked for errors or omissions.
For clarification or corrections please contact the Red Hat Security Response Team.