NVD

Id
15384  
Name
CVE-2010-4076  
Description
The rs_ioctl function in drivers/char/amiserial.c in the Linux kernel 2.6.36.1 and earlier does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a TIOCGICOUNT ioctl call.  
Reject
 
CVSS Version
2  
CVSS Score
1.9  
Severity
Low  
CVSS Base Score
1.9  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
3.4  
CVSS Vector
(AV:L/AC:M/Au:N/C:P/I:N/A:N)  
Pub Date
2017-01-18  
Published
2010-11-29  
Modified Date
2012-03-19  
Seq
2010-4076  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
86693 15384 CVE-2010-4076 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=d281da7ff6f70efca0553c288bb883e8605b3862  View
86694 15384 CVE-2010-4076 [linux-kernel] 20100915 [PATCH] drivers/char/amiserial.c: prevent reading uninitialized stack memory  View
86695 15384 CVE-2010-4076 [oss-security] 20100925 CVE request: multiple kernel stack memory disclosures  View
86696 15384 CVE-2010-4076 [oss-security] 20101006 Re: CVE request: multiple kernel stack memory disclosures  View
86697 15384 CVE-2010-4076 [oss-security] 20101006 Re: CVE request: multiple kernel stack memory disclosures  View
86698 15384 CVE-2010-4076 [oss-security] 20101025 Re: CVE request: multiple kernel stack memory disclosures  View
86699 15384 CVE-2010-4076 https://bugzilla.redhat.com/show_bug.cgi?id=648661  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
37542 JVNDB-2010-003327 Linux kernel の rs_ioctl 関数における重要な情報を取得される脆弱性 Linux kernel の drivers/char/amiserial.c の rs_ioctl 関数は、特定の構造体メンバを初期化しないため、カーネルスタックメモリから重要な情報を取得される脆弱性が存在します。 CVE-2010-4076 46656 CVE-2010-4076 15384 1.9 http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-003327.html 2010-11-29 2012-03-27 View