2
Candidate: CVE-2008-3895
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3895
6
LILO 22.6.1 and earlier stores pre-boot authentication passwords in the
7
BIOS Keyboard buffer and does not clear this buffer before and after use,
8
which allows local users to obtain sensitive information by reading the
9
physical memory locations associated with this buffer.
12
jdstrand> requires root access to the machine which gives access to do
13
anything anyway (unless restricting root access via SELinux, which Ubuntu
15
mdeslaur> let's ignore this
22
upstream_lilo: needs-triage
24
feisty_lilo: needed (reached end-of-life)
25
gutsy_lilo: needed (reached end-of-life)
27
intrepid_lilo: ignored