[kernel-sec-discuss] r1528 - active
Moritz Muehlenhoff
jmm at alioth.debian.org
Mon Oct 19 22:44:12 UTC 2009
Author: jmm
Date: 2009-10-19 22:44:12 +0000 (Mon, 19 Oct 2009)
New Revision: 1528
Removed:
active/CVE-2008-3901
Log:
not in the kernel
Deleted: active/CVE-2008-3901
===================================================================
--- active/CVE-2008-3901 2009-10-19 22:11:11 UTC (rev 1527)
+++ active/CVE-2008-3901 2009-10-19 22:44:12 UTC (rev 1528)
@@ -1,16 +0,0 @@
-Candidate: CVE-2008-3901
-Description:
- Software suspend 2 2-2.2.1, when used with the Linux kernel 2.6.16, stores pre-boot
- authentication passwords in the BIOS Keyboard buffer and does not clear this buffer
- after use, which allows local users to obtain sensitive information by reading the
- physical memory locations associated with this buffer.
-References:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3901
- http://www.ivizsecurity.com/research/preboot/preboot_whitepaper.pdf
-Notes:
-Bugs:
-upstream:
-linux-2.6:
-2.6.18-etch-security:
-2.6.24-etch-security:
-2.6.26-lenny-security:
More information about the kernel-sec-discuss
mailing list