CVE-2009-3002

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 2.6.31-rc7

Description: The issue allows local users to read the contents of some kernel memory locations by calling getsockname on various socket types, including AF APPLETALK, AF IRDA, AF ECONET, AF NETROM, AF ROSE, and raw CAN sockets. This is related to the lack of initialization of certain data structures within getname functions, specifically the atalk getname, irda getname, econet getname, nr getname, rose getname, and raw getname functions.

Recommendations: For Linux kernel versions prior to 2.6.31-rc7, update to version 2.6.31-rc7 or later to resolve the issue.