Lucene search

K

MitreCVELIST:CVE-2010-4076

HistoryOct 03, 2022 - 4:21 p.m.

CVE-2010-4076

2022-10-0316:21:06

mitre

www.cve.org

1

cve-2010-4076

rs_ioctl

linux kernel 2.6.36.1

drivers/char/amiserial.c

tiocgicount

ioctl call

sensitive information

kernel stack memory

5.6 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

The rs_ioctl function in drivers/char/amiserial.c in the Linux kernel 2.6.36.1 and earlier does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a TIOCGICOUNT ioctl call.

References

git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=d281da7ff6f70efca0553c288bb883e8605b3862

lkml.org/lkml/2010/9/15/389

www.openwall.com/lists/oss-security/2010/09/25/2

www.openwall.com/lists/oss-security/2010/10/06/6

www.openwall.com/lists/oss-security/2010/10/07/1

www.openwall.com/lists/oss-security/2010/10/25/3

bugzilla.redhat.com/show_bug.cgi?id=648661

5.6 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

Related for CVELIST:CVE-2010-4076

ubuntucve1 nvd1 cve1 prion1 openvas28 nessus20 securityvulns2 ubuntu10 suse4 packetstorm1