CVE-2010-4157

Опубликовано: 10 дек. 2010

Источник: nvd

CVSS2: 6.2

EPSS Низкий

Описание

Integer overflow in the ioc_general function in drivers/scsi/gdth.c in the Linux kernel before 2.6.36.1 on 64-bit platforms allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact via a large argument in an ioctl call.

Ссылки

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=f63ae56e4e97fb12053590e41a4fa59e7daa74a4
http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052513.html
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00004.html
Mailing List
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00000.html
Mailing List
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00001.html
Mailing List
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00004.html
Mailing List
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html
Mailing List
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00002.html
Mailing List
Third Party Advisory
http://ns3.spinics.net/lists/linux-scsi/msg47361.html
Broken Link
http://openwall.com/lists/oss-security/2010/11/09/1
Mailing List
Patch
Third Party Advisory
http://openwall.com/lists/oss-security/2010/11/09/3
Mailing List
Patch
Third Party Advisory
http://openwall.com/lists/oss-security/2010/11/09/4
Exploit
Mailing List
Patch
Third Party Advisory
http://openwall.com/lists/oss-security/2010/11/09/5
Mailing List
Third Party Advisory
http://openwall.com/lists/oss-security/2010/11/10/12
Mailing List
Patch
Third Party Advisory
http://secunia.com/advisories/42745
Third Party Advisory
http://secunia.com/advisories/42778
Third Party Advisory
http://secunia.com/advisories/42789
Third Party Advisory
http://secunia.com/advisories/42801
Third Party Advisory
http://secunia.com/advisories/42932
Third Party Advisory
http://secunia.com/advisories/42963
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:x64:*

Версия до 2.6.36.1 (исключая)

Конфигурация 2

cpe:2.3:o:fedoraproject:fedora:13:*:*:*:*:*:*:*

Конфигурация 3

Одно из

cpe:2.3:o:opensuse:opensuse:11.2:*:*:*:*:*:*:*

cpe:2.3:o:opensuse:opensuse:11.3:*:*:*:*:*:*:*

cpe:2.3:o:suse:linux_enterprise_desktop:10:sp3:*:*:*:*:*:*

cpe:2.3:o:suse:linux_enterprise_desktop:11:sp1:*:*:*:*:*:*

cpe:2.3:o:suse:linux_enterprise_real_time_extension:11:sp1:*:*:*:*:*:*

cpe:2.3:o:suse:linux_enterprise_server:9:*:*:*:*:*:*:*

cpe:2.3:o:suse:linux_enterprise_server:10:sp3:*:*:*:*:*:*

cpe:2.3:o:suse:linux_enterprise_server:11:sp1:*:*:*:*:*:*

cpe:2.3:o:suse:linux_enterprise_software_development_kit:10:sp3:*:*:*:*:*:*

EPSS

Процентиль: 31%

0.00112

Низкий

6.2 Medium

CVSS2

Дефекты

CWE-190

Связанные уязвимости

CVE-2010-4157

ubuntu

больше 14 лет назад

CVE-2010-4157

redhat

больше 14 лет назад

CVE-2010-4157

debian

больше 14 лет назад

Integer overflow in the ioc_general function in drivers/scsi/gdth.c in ...

GHSA-p83g-f9xr-p3gp

github

около 3 лет назад

BDU:2015-08638

fstec

больше 14 лет назад

Уязвимости операционной системы CentOS, позволяющие удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

EPSS

Процентиль: 31%

0.00112

Низкий

6.2 Medium

CVSS2

Дефекты

CWE-190