Lucene search

[email protected]CVE-2010-4157

HistoryDec 10, 2010 - 7:00 p.m.

CVE-2010-4157

2010-12-1019:00:05

CWE-190

[email protected]

web.nvd.nist.gov

cve-2010-4157

integer overflow

linux kernel

memory corruption

denial of service

nvd

security vulnerability

6.2 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:H/Au:N/C:C/I:C/A:C

7.8 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

10.2%

JSON

Integer overflow in the ioc_general function in drivers/scsi/gdth.c in the Linux kernel before 2.6.36.1 on 64-bit platforms allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact via a large argument in an ioctl call.

Affected configurations

NVD

Node

linuxlinux_kernelRange<2.6.36.1x64

Node

fedoraprojectfedoraMatch13

Node

opensuseopensuseMatch11.2

opensuseopensuseMatch11.3

suselinux_enterprise_desktopMatch10sp3

suselinux_enterprise_desktopMatch11sp1

suselinux_enterprise_real_time_extensionMatch11sp1

suselinux_enterprise_serverMatch9

suselinux_enterprise_serverMatch10sp3

suselinux_enterprise_serverMatch11sp1

suselinux_enterprise_software_development_kitMatch10sp3

CPENameOperatorVersion
linux:linux_kernellinux linux kernellt2.6.36.1

CPE	Name	Operator	Version
linux:linux_kernel	linux linux kernel	lt	2.6.36.1

References

git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=f63ae56e4e97fb12053590e41a4fa59e7daa74a4

lists.fedoraproject.org/pipermail/package-announce/2010-December/052513.html

lists.opensuse.org/opensuse-security-announce/2010-12/msg00004.html

lists.opensuse.org/opensuse-security-announce/2011-01/msg00000.html

lists.opensuse.org/opensuse-security-announce/2011-01/msg00001.html

lists.opensuse.org/opensuse-security-announce/2011-01/msg00004.html

lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html

lists.opensuse.org/opensuse-security-announce/2011-02/msg00002.html

ns3.spinics.net/lists/linux-scsi/msg47361.html

openwall.com/lists/oss-security/2010/11/09/1

openwall.com/lists/oss-security/2010/11/09/3

openwall.com/lists/oss-security/2010/11/09/4

openwall.com/lists/oss-security/2010/11/09/5

openwall.com/lists/oss-security/2010/11/10/12

secunia.com/advisories/42745

secunia.com/advisories/42778

secunia.com/advisories/42789

secunia.com/advisories/42801

secunia.com/advisories/42932

secunia.com/advisories/42963

secunia.com/advisories/43291

secunia.com/advisories/46397

www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.36.1

www.redhat.com/support/errata/RHSA-2010-0958.html

www.redhat.com/support/errata/RHSA-2011-0004.html

www.redhat.com/support/errata/RHSA-2011-0162.html

www.securityfocus.com/archive/1/520102/100/0/threaded

www.securityfocus.com/bid/44648

www.vmware.com/security/advisories/VMSA-2011-0012.html

www.vupen.com/english/advisories/2010/3321

www.vupen.com/english/advisories/2011/0012

www.vupen.com/english/advisories/2011/0024

www.vupen.com/english/advisories/2011/0124

www.vupen.com/english/advisories/2011/0168

www.vupen.com/english/advisories/2011/0298

www.vupen.com/english/advisories/2011/0375

bugzilla.redhat.com/show_bug.cgi?id=651147

Social References

6.2 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:H/Au:N/C:C/I:C/A:C

7.8 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

10.2%

JSON

Related for CVE-2010-4157

seebug2 ubuntucve1 prion1 veracode1 cvelist1 nvd1 redhat3 centos2 nessus28 openvas41 ubuntu8 oraclelinux3 suse6 securityvulns1 fedora3 osv1 vmware2 packetstorm1