4.9

CVE-2010-0453

The ucode_ioctl function in intel/io/ucode_drv.c in Sun Solaris 10 and OpenSolaris snv_69 through snv_133, when running on x86 architectures, allows local users to cause a denial of service (panic) via a request with a 0 size value to the UCODE_GET_VERSION IOCTL, which triggers a NULL pointer dereference in the ucode_get_rev function, related to retrieval of the microcode revision.

Data is provided by the National Vulnerability Database (NVD)
SunOpensolaris Versionsnv_69 Editionx86
SunOpensolaris Versionsnv_70 Editionx86
SunOpensolaris Versionsnv_71 Editionx86
SunOpensolaris Versionsnv_72 Editionx86
SunOpensolaris Versionsnv_73 Editionx86
SunOpensolaris Versionsnv_74 Editionx86
SunOpensolaris Versionsnv_75 Editionx86
SunOpensolaris Versionsnv_76 Editionx86
SunOpensolaris Versionsnv_77 Editionx86
SunOpensolaris Versionsnv_78 Editionx86
SunOpensolaris Versionsnv_79 Editionx86
SunOpensolaris Versionsnv_80 Editionx86
SunOpensolaris Versionsnv_81 Editionx86
SunOpensolaris Versionsnv_82 Editionx86
SunOpensolaris Versionsnv_83 Editionx86
SunOpensolaris Versionsnv_84 Editionx86
SunOpensolaris Versionsnv_85 Editionx86
SunOpensolaris Versionsnv_86 Editionx86
SunOpensolaris Versionsnv_87 Editionx86
SunOpensolaris Versionsnv_88 Editionx86
SunOpensolaris Versionsnv_89 Editionx86
SunOpensolaris Versionsnv_90 Editionx86
SunOpensolaris Versionsnv_91 Editionx86
SunOpensolaris Versionsnv_92 Editionx86
SunOpensolaris Versionsnv_93 Editionx86
SunOpensolaris Versionsnv_94 Editionx86
SunOpensolaris Versionsnv_95 Editionx86
SunOpensolaris Versionsnv_96 Editionx86
SunOpensolaris Versionsnv_97 Editionx86
SunOpensolaris Versionsnv_98 Editionx86
SunOpensolaris Versionsnv_99 Editionx86
SunOpensolaris Versionsnv_100 Editionx86
SunOpensolaris Versionsnv_101 Editionx86
SunOpensolaris Versionsnv_102 Editionx86
SunOpensolaris Versionsnv_103 Editionx86
SunOpensolaris Versionsnv_104 Editionx86
SunOpensolaris Versionsnv_105 Editionx86
SunOpensolaris Versionsnv_106 Editionx86
SunOpensolaris Versionsnv_107 Editionx86
SunOpensolaris Versionsnv_108 Editionx86
SunOpensolaris Versionsnv_109 Editionx86
SunOpensolaris Versionsnv_110 Editionx86
SunOpensolaris Versionsnv_111 Editionx86
SunOpensolaris Versionsnv_112 Editionx86
SunOpensolaris Versionsnv_113 Editionx86
SunOpensolaris Versionsnv_114 Editionx86
SunOpensolaris Versionsnv_115 Editionx86
SunOpensolaris Versionsnv_116 Editionx86
SunOpensolaris Versionsnv_117 Editionx86
SunOpensolaris Versionsnv_118 Editionx86
SunOpensolaris Versionsnv_119 Editionx86
SunOpensolaris Versionsnv_120 Editionx86
SunOpensolaris Versionsnv_121 Editionx86
SunOpensolaris Versionsnv_122 Editionx86
SunOpensolaris Versionsnv_123 Editionx86
SunOpensolaris Versionsnv_124 Editionx86
SunOpensolaris Versionsnv_125 Editionx86
SunOpensolaris Versionsnv_126 Editionx86
SunOpensolaris Versionsnv_127 Editionx86
SunOpensolaris Versionsnv_128 Editionx86
SunOpensolaris Versionsnv_129 Editionx86
SunOpensolaris Versionsnv_130 Editionx86
SunOpensolaris Versionsnv_131 Editionx86
SunOpensolaris Versionsnv_132 Editionx86
SunOpensolaris Versionsnv_133 Editionx86
SunSolaris Version10.0 Editionx86
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.22% 0.414
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 4.9 3.9 6.9
AV:L/AC:L/Au:N/C:N/I:N/A:C
CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.