CVE-2010-3437
Published Oct 4, 2010
Last updated 2 years ago
Overview
- Description
- Integer signedness error in the pkt_find_dev_from_minor function in drivers/block/pktcdvd.c in the Linux kernel before 2.6.36-rc6 allows local users to obtain sensitive information from kernel memory or cause a denial of service (invalid pointer dereference and system crash) via a crafted index value in a PKT_CTRL_CMD_STATUS ioctl call.
- Source
- secalert@redhat.com
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 6.6
- Impact score
- 9.2
- Exploitability score
- 3.9
- Vector string
- AV:L/AC:L/Au:N/C:C/I:N/A:C
Weaknesses
- nvd@nist.gov
- CWE-476
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C8DCE5E2-B055-4F05-8F0F-F19D1B7BA8D7",
"versionEndExcluding": "2.6.36"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.36:-:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D4407EF9-4ECF-408F-9ECB-0705E3FB65D5"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.36:rc1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DBE26099-6D2C-4FAF-B15C-CBF985D59171"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.36:rc2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F2C193FF-3723-4BE9-8787-DED7D455FA8F"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.36:rc3:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F874FE6A-968D-47E1-900A-E154E41EDAF8"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.36:rc4:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "14B7B8AE-CE83-4F0E-9138-6F165D97C19F"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.36:rc5:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B434ACFB-2B01-491A-B2E5-40FA0E11B3B1"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:opensuse:opensuse:11.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A01C8B7E-EB19-40EA-B1D2-9AE5EA536C95"
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:11.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5646FDE9-CF21-46A9-B89D-F5BBDB4249AF"
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:10:sp3:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1E496249-23A8-42FC-A109-634A54B5600F"
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:11:sp1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "60FBDD82-691C-4D9D-B71B-F9AFF6931B53"
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_real_time_extension:11:sp1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "640FB29C-1A84-41E1-86DE-B542EA0EF153"
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:9:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4CD2D897-E321-4CED-92E0-11A98B52053C"
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:10:sp3:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "25CBACD3-AFB7-410D-927F-0C1FF477D396"
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EE26596F-F10E-44EF-88CA-0080646E91B9"
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:10:sp3:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3DB8A616-865B-4E70-BA2E-BE5F0BA7A351"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8C757774-08E7-40AA-B532-6F705C8F7639"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "454A5D17-B171-4F1F-9E0B-F18D1E5CA9FD"
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7EBFE35C-E243-43D1-883D-4398D71763CC"
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:9.04:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A5D026D0-EF78-438D-BEDD-FC8571F3ACEB"
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A2BCB73E-27BB-4878-AD9C-90C4F20C25A0"
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*",
"vulnerable": true,
"matchCriteriaId": "01EDA41C-6B2E-49AF-B503-EB3882265C11"
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.10:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "87614B58-24AB-49FB-9C84-E8DDBA16353B"
}
],
"operator": "OR"
}
]
}
]