Published: 29/11/2010 Updated: 07/11/2023

CVSS v2 Base Score: 1.9 | Impact Score: 2.9 | Exploitability Score: 3.4

VMScore: 170

Vector: AV:L/AC:M/Au:N/C:P/I:N/A:N

The uart_get_count function in drivers/serial/serial_core.c in the Linux kernel prior to 2.6.37-rc1 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a TIOCGICOUNT ioctl call.

Vulnerable Product	Search on Vulmon	Subscribe to Product
linux linux kernel

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leak The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2010-2524 David Howells reported an issue in the Common Internet File System (CIFS) Local users could cause ...

Multiple kernel flaws have been fixed ...

A local attacker could exploit this to run programs with admininstrator privileges ...

Multiple kernel vulnerabilities ...

An attacker could send crafted input to the kernel and cause it to crash ...

Multiple kernel flaws ...

Multiple kernel flaws have been fixed ...

Ubuntu Security Notice 1202-1 - Dan Rosenberg discovered that several network ioctls did not clear kernel memory correctly A local user could exploit this to read kernel stack memory, leading to a loss of privacy Brad Spengler discovered that stack memory for new a process was not correctly calculated A local attacker could exploit this to crash ...

CWE-200 https://bugzilla.redhat.com/show_bug.cgi?id=648660 http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.37-rc1 http://www.openwall.com/lists/oss-security/2010/10/25/3 http://www.openwall.com/lists/oss-security/2010/10/06/6 http://lkml.indiana.edu/hypermail//linux/kernel/1009.1/03388.html http://www.openwall.com/lists/oss-security/2010/09/25/2 http://www.openwall.com/lists/oss-security/2010/10/07/1 http://www.redhat.com/support/errata/RHSA-2010-0958.html http://www.securityfocus.com/bid/43806 http://secunia.com/advisories/42963 http://www.redhat.com/support/errata/RHSA-2011-0162.html http://www.vupen.com/english/advisories/2011/0168 http://www.redhat.com/support/errata/RHSA-2011-0007.html http://secunia.com/advisories/42884 http://secunia.com/advisories/42890 http://www.redhat.com/support/errata/RHSA-2011-0017.html http://secunia.com/advisories/46397 http://www.vmware.com/security/advisories/VMSA-2011-0012.html http://www.securityfocus.com/archive/1/520102/100/0/threaded http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=d281da7ff6f70efca0553c288bb883e8605b3862 https://nvd.nist.gov https://www.debian.org/security/./dsa-2264 https://usn.ubuntu.com/1204-1/

CVE-2010-4075

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

Exploits

References

Vulmon Search

About

Products

Connect