Candidate: CVE-2009-3001
Description:
 The llc_ui_getname function in net/llc/af_llc.c in the Linux kernel
 2.6.31-rc7 and earlier does not initialize a certain data structure,
 which allows local users to read the contents of some kernel memory
 locations by calling getsockname on an AF_LLC socket. 
References:
 https://bugzilla.redhat.com/show_bug.cgi?id=519305
 http://git.kernel.org/linus/28e9fc592cb8c7a43e4d3147b38be6032a0e81bc
 http://jon.oberheide.org/files/llc-getsockname-leak.c
Ubuntu-Description:
Notes:
 gilbert> minor info leak, so not very urgent
Bugs:
upstream: released (2.6.31-rc8) [28e9fc592cb8c7a43e4d3147b38be6032a0e81bc]
linux-2.6: released (2.6.31-1~experimental.1)
2.6.18-etch-security: released (2.6.18.dfsg.1-26etch1) [bugfix/all/net-llc-zero-sockaddr_llc-struct.patch]
2.6.24-etch-security: released (2.6.24-6~etchnhalf.9etch1) [bugfix/all/net-llc-zero-sockaddr_llc-struct.patch]
2.6.26-lenny-security: released (2.6.26-19lenny1) [bugfix/all/net-llc-zero-sockaddr_llc-struct.patch]