Описание
systeminfo.c for Sun Solaris allows local users to read kernel memory via a 0 variable count argument to the sysinfo system call, which causes a -1 argument to be used by the copyout function. NOTE: this issue has been referred to as an integer overflow, but it is probably more like a signedness error or integer underflow.
Ссылки
- ExploitPatch
- ExploitPatch
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:o:sun:solaris:10.0:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:solaris:10.0:*:x86:*:*:*:*:*
EPSS
Процентиль: 49%
0.00256
Низкий
4.9 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
systeminfo.c for Sun Solaris allows local users to read kernel memory via a 0 variable count argument to the sysinfo system call, which causes a -1 argument to be used by the copyout function. NOTE: this issue has been referred to as an integer overflow, but it is probably more like a signedness error or integer underflow.
EPSS
Процентиль: 49%
0.00256
Низкий
4.9 Medium
CVSS2
Дефекты
NVD-CWE-Other