CVE-2010-4074
N/A
N/A
Summary
The USB subsystem in the Linux kernel before 2.6.36-rc5 does not properly initialize certain structure members, which allows local users to obtain potentially sensitive information from kernel stack memory via vectors related to TIOCGICOUNT ioctl calls, and the (1) mos7720_ioctl function in drivers/usb/serial/mos7720.c and (2) mos7840_ioctl function in drivers/usb/serial/mos7840.c.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=a0846f1868b11cd827bdfeaf4527d8b1b1c0b098
- http://www.openwall.com/lists/oss-security/2010/09/25/2
- http://www.kernel.org/pub/linux/kernel/v2.6/testing/v2.6.36/ChangeLog-2.6.36-rc5
- http://www.openwall.com/lists/oss-security/2010/10/06/6
- https://bugzilla.redhat.com/show_bug.cgi?id=648659
- http://www.redhat.com/support/errata/RHSA-2011-0007.html
- http://lkml.org/lkml/2010/9/15/392
- http://www.redhat.com/support/errata/RHSA-2010-0958.html
- http://www.openwall.com/lists/oss-security/2010/10/07/1
- http://www.securityfocus.com/bid/45074
- http://secunia.com/advisories/42890
- http://www.openwall.com/lists/oss-security/2010/10/25/3
- http://www.debian.org/security/2010/dsa-2126
References
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=a0846f1868b11cd827bdfeaf4527d8b1b1c0b098
- http://www.openwall.com/lists/oss-security/2010/09/25/2
- http://www.kernel.org/pub/linux/kernel/v2.6/testing/v2.6.36/ChangeLog-2.6.36-rc5
- http://www.openwall.com/lists/oss-security/2010/10/06/6
- https://bugzilla.redhat.com/show_bug.cgi?id=648659
- http://www.redhat.com/support/errata/RHSA-2011-0007.html
- http://lkml.org/lkml/2010/9/15/392
- http://www.redhat.com/support/errata/RHSA-2010-0958.html
- http://www.openwall.com/lists/oss-security/2010/10/07/1
- http://www.securityfocus.com/bid/45074
- http://secunia.com/advisories/42890
- http://www.openwall.com/lists/oss-security/2010/10/25/3
- http://www.debian.org/security/2010/dsa-2126
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.