4

CVE-2010-3874

Heap-based buffer overflow in the bcm_connect function in net/can/bcm.c (aka the Broadcast Manager) in the Controller Area Network (CAN) implementation in the Linux kernel before 2.6.36.2 on 64-bit platforms might allow local users to cause a denial of service (memory corruption) via a connect operation.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel HwPlatformx64 Version < 2.6.36.2
FedoraprojectFedora Version13
OpensuseOpensuse Version11.2
OpensuseOpensuse Version11.3
SuseLinux Enterprise Desktop Version11 Updatesp1
SuseLinux Enterprise Real Time Extension Version11 Updatesp1
SuseLinux Enterprise Server Version11 Updatesp1
DebianDebian Linux Version5.0
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.4% 0.311
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4 1.9 6.9
AV:L/AC:H/Au:N/C:N/I:N/A:C
CWE-787 Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

http://www.mandriva.com/security/advisories?name=MDVSA-2011:029
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html
Third Party Advisory
Mailing List
http://www.vupen.com/english/advisories/2011/0298
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00000.html
Third Party Advisory
Mailing List
http://secunia.com/advisories/42778
Third Party Advisory
http://www.vupen.com/english/advisories/2011/0012
Third Party Advisory
http://secunia.com/advisories/42890
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2011-0007.html
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00001.html
Third Party Advisory
Mailing List
http://secunia.com/advisories/42801
Third Party Advisory
http://www.debian.org/security/2010/dsa-2126
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00004.html
Third Party Advisory
Mailing List
http://secunia.com/advisories/42932
Third Party Advisory
http://www.vupen.com/english/advisories/2011/0124
Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052513.html
Third Party Advisory
http://secunia.com/advisories/42745
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2010-0958.html
Third Party Advisory
http://www.vupen.com/english/advisories/2010/3321
Third Party Advisory
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.36.2
Broken Link
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=0597d1b99fcfc2c0eada09a698f85ed413d4ba84
http://openwall.com/lists/oss-security/2010/11/03/3
Third Party Advisory
Mailing List
http://openwall.com/lists/oss-security/2010/11/04/4
Third Party Advisory
Mailing List
http://openwall.com/lists/oss-security/2010/12/20/2
Third Party Advisory
Mailing List
http://openwall.com/lists/oss-security/2010/12/20/3
Third Party Advisory
Mailing List
http://openwall.com/lists/oss-security/2010/12/20/4
Third Party Advisory
Mailing List
http://openwall.com/lists/oss-security/2010/12/20/5
Third Party Advisory
Mailing List
http://openwall.com/lists/oss-security/2010/12/21/1
Third Party Advisory
Mailing List
http://www.spinics.net/lists/netdev/msg145791.html
Patch
Third Party Advisory
Mailing List
http://www.spinics.net/lists/netdev/msg146469.html
Patch
Third Party Advisory
Mailing List
https://bugzilla.redhat.com/show_bug.cgi?id=649695
Patch
Third Party Advisory
Issue Tracking