Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2010-4158

Опубликовано: 30 дек. 2010
Источник: nvd
CVSS2: 2.1
EPSS Низкий

Описание

The sk_run_filter function in net/core/filter.c in the Linux kernel before 2.6.36.2 does not check whether a certain memory location has been initialized before executing a (1) BPF_S_LD_MEM or (2) BPF_S_LDX_MEM instruction, which allows local users to obtain potentially sensitive information from kernel stack memory via a crafted socket filter.

Ссылки

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Версия до 2.6.36.2 (исключая)
Конфигурация 2
cpe:2.3:o:fedoraproject:fedora:13:*:*:*:*:*:*:*
Конфигурация 3

Одно из

cpe:2.3:o:opensuse:opensuse:11.2:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:opensuse:11.3:*:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_desktop:10:sp3:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_desktop:11:sp1:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_real_time_extension:11:sp1:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_server:9:*:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_server:10:sp3:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_server:11:sp1:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_software_development_kit:10:sp3:*:*:*:*:*:*

EPSS

Процентиль: 56%
0.00345
Низкий

2.1 Low

CVSS2

Дефекты

CWE-200

Связанные уязвимости

ubuntu логотип

CVE-2010-4158

ubuntu
больше 14 лет назад

The sk_run_filter function in net/core/filter.c in the Linux kernel before 2.6.36.2 does not check whether a certain memory location has been initialized before executing a (1) BPF_S_LD_MEM or (2) BPF_S_LDX_MEM instruction, which allows local users to obtain potentially sensitive information from kernel stack memory via a crafted socket filter.

redhat логотип

CVE-2010-4158

redhat
больше 14 лет назад

The sk_run_filter function in net/core/filter.c in the Linux kernel before 2.6.36.2 does not check whether a certain memory location has been initialized before executing a (1) BPF_S_LD_MEM or (2) BPF_S_LDX_MEM instruction, which allows local users to obtain potentially sensitive information from kernel stack memory via a crafted socket filter.

debian логотип

CVE-2010-4158

debian
больше 14 лет назад

The sk_run_filter function in net/core/filter.c in the Linux kernel be ...

github логотип

GHSA-9x53-5f6r-73cq

github
около 3 лет назад

The sk_run_filter function in net/core/filter.c in the Linux kernel before 2.6.36.2 does not check whether a certain memory location has been initialized before executing a (1) BPF_S_LD_MEM or (2) BPF_S_LDX_MEM instruction, which allows local users to obtain potentially sensitive information from kernel stack memory via a crafted socket filter.

fstec логотип

BDU:2016-01580

fstec
больше 14 лет назад

Уязвимость ядра операционной системы Linux, позволяющая нарушителю получить доступ к конфиденциальной информации

EPSS

Процентиль: 56%
0.00345
Низкий

2.1 Low

CVSS2

Дефекты

CWE-200