Published: 03/01/2011 Updated: 13/02/2023

CVSS v2 Base Score: 4.7 | Impact Score: 6.9 | Exploitability Score: 3.4

VMScore: 419

Vector: AV:L/AC:M/Au:N/C:N/I:N/A:C

Multiple integer overflows in fs/bio.c in the Linux kernel prior to 2.6.36.2 allow local users to cause a denial of service (system crash) via a crafted device ioctl to a SCSI device.

Vulnerable Product	Search on Vulmon	Subscribe to Product
linux linux kernel
fedoraproject fedora 13
suse linux enterprise server 10
suse linux enterprise desktop 11
suse linux enterprise server 11
opensuse opensuse 11.2
opensuse opensuse 11.3
suse linux enterprise desktop 10
suse linux enterprise software development kit 10
suse linux enterprise real time extension 11

Multiple kernel flaws have been fixed ...

A local attacker could exploit this to run programs with admininstrator privileges ...

Multiple kernel vulnerabilities ...

Multiple kernel flaws ...

An attacker could send crafted input to the kernel and cause it to crash ...

Multiple kernel vulnerablilities ...

Multiple kernel flaws ...

Multiple kernel flaws have been fixed ...

Ubuntu Security Notice 1202-1 - Dan Rosenberg discovered that several network ioctls did not clear kernel memory correctly A local user could exploit this to read kernel stack memory, leading to a loss of privacy Brad Spengler discovered that stack memory for new a process was not correctly calculated A local attacker could exploit this to crash ...

CWE-190 http://openwall.com/lists/oss-security/2010/11/10/18 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.36.2 https://bugzilla.redhat.com/show_bug.cgi?id=652529 http://openwall.com/lists/oss-security/2010/11/12/2 http://secunia.com/advisories/42745 http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052513.html http://www.vupen.com/english/advisories/2010/3321 http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00001.html http://secunia.com/advisories/42778 http://www.securityfocus.com/bid/44793 http://www.vupen.com/english/advisories/2011/0012 http://secunia.com/advisories/42801 http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00004.html http://www.vupen.com/english/advisories/2011/0124 http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00004.html http://secunia.com/advisories/42932 http://www.redhat.com/support/errata/RHSA-2011-0007.html http://secunia.com/advisories/42890 http://www.vupen.com/english/advisories/2011/0298 http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html http://www.mandriva.com/security/advisories?name=MDVSA-2011:029 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=cb4644cac4a2797afc847e6c92736664d4b0ea34 https://nvd.nist.gov https://packetstormsecurity.com/files/105078/Ubuntu-Security-Notice-USN-1202-1.html https://usn.ubuntu.com/1204-1/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2010-4162

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

Exploits

References

Vulmon Search

About

Products

Connect