Lucene search
HistoryAug 20, 2010 - 8:00 p.m.
CVE-2010-3014
cve-2010-3014
coda filesystem
kernel module
netbsd
freebsd
venus
buffer over-read
security vulnerability
1.2 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:H/Au:N/C:P/I:N/A:N
6.3 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
5.1%
The Coda filesystem kernel module, as used in NetBSD and FreeBSD, when Coda is loaded and Venus is running with /coda mounted, allows local users to read sensitive heap memory via a large out_size value in a ViceIoctl struct to a Coda ioctl, which triggers a buffer over-read.
Affected configurations
Node
freebsdfreebsd
ORnetbsdnetbsd
| CPE | Name | Operator | Version |
|---|---|---|---|
| freebsd:freebsd | freebsd | eq | * |
| netbsd:netbsd | netbsd | eq | * |
Related
cvelist
cvelist
CVE-2010-3014
2010-08-20 19:00:00
securityvulns
securityvulns
CVE-2010-3014: Coda Filesystem Kernel Memory Disclosure
2010-08-19 00:00:00
FreeBSD / NetBSD Coda file system information leak
2010-08-19 00:00:00
debiancve
debiancve
CVE-2010-3014
2010-08-20 20:00:02
nvd
nvd
CVE-2010-3014
2010-08-20 20:00:02
prion
prion
Buffer overflow
2010-08-20 20:00:00
1.2 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:H/Au:N/C:P/I:N/A:N
6.3 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
5.1%
Related for CVE-2010-3014