6.2

CVE-2010-4157

Exploit

EPSS 0.11%
Veröffentlicht 10.12.2010 19:00:05
Zuletzt bearbeitet 11.04.2025 00:51:21
Quelle secalert@redhat.com
Teams Watchlist Login
Unerledigt Login

Integer overflow in the ioc_general function in drivers/scsi/gdth.c in the Linux kernel before 2.6.36.1 on 64-bit platforms allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact via a large argument in an ioctl call.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 40

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Linux ≫ Linux Kernel HwPlatformx64 Version < 2.6.36.1

Fedoraproject ≫ Fedora Version13

Opensuse ≫ Opensuse Version11.2

Opensuse ≫ Opensuse Version11.3

Suse ≫ Linux Enterprise Desktop Version10 Updatesp3

Suse ≫ Linux Enterprise Desktop Version11 Updatesp1

Suse ≫ Linux Enterprise Real Time Extension Version11 Updatesp1

Suse ≫ Linux Enterprise Server Version9

Suse ≫ Linux Enterprise Server Version10 Updatesp3

Suse ≫ Linux Enterprise Server Version11 Updatesp1

Suse ≫ Linux Enterprise Software Development Kit Version10 Updatesp3

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.11%	0.267

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	6.2	1.9	10	AV:L/AC:H/Au:N/C:C/I:C/A:C

CWE-190 Integer Overflow or Wraparound

The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.

http://secunia.com/advisories/46397

Third Party Advisory

http://www.securityfocus.com/archive/1/520102/100/0/threaded

Third Party Advisory

VDB Entry

http://www.vmware.com/security/advisories/VMSA-2011-0012.html

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html

Third Party Advisory

Mailing List

http://www.vupen.com/english/advisories/2011/0298

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00000.html

Third Party Advisory

Mailing List

http://secunia.com/advisories/42778

Third Party Advisory

http://www.vupen.com/english/advisories/2011/0012

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00004.html

Third Party Advisory

Mailing List

http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00001.html

Third Party Advisory

Mailing List

http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00002.html

Third Party Advisory

Mailing List

http://secunia.com/advisories/42801

Third Party Advisory

http://secunia.com/advisories/43291

Third Party Advisory

http://www.vupen.com/english/advisories/2011/0375

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00004.html

Third Party Advisory

Mailing List

http://secunia.com/advisories/42932

Third Party Advisory

http://www.vupen.com/english/advisories/2011/0124

Third Party Advisory

http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052513.html

Third Party Advisory

http://secunia.com/advisories/42745

Third Party Advisory

http://secunia.com/advisories/42789

Third Party Advisory

http://www.redhat.com/support/errata/RHSA-2010-0958.html

Third Party Advisory

http://www.redhat.com/support/errata/RHSA-2011-0004.html

Third Party Advisory

http://www.vupen.com/english/advisories/2010/3321

Third Party Advisory

http://www.vupen.com/english/advisories/2011/0024

Third Party Advisory

http://secunia.com/advisories/42963

Third Party Advisory

http://www.redhat.com/support/errata/RHSA-2011-0162.html

Third Party Advisory

http://www.vupen.com/english/advisories/2011/0168

Third Party Advisory

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=f63ae56e4e97fb12053590e41a4fa59e7daa74a4

http://ns3.spinics.net/lists/linux-scsi/msg47361.html

Broken Link

http://openwall.com/lists/oss-security/2010/11/09/1

Patch

Third Party Advisory

Mailing List

http://openwall.com/lists/oss-security/2010/11/09/3

Patch

Third Party Advisory

Mailing List

http://openwall.com/lists/oss-security/2010/11/09/4

Patch

Third Party Advisory

Exploit

Mailing List

http://openwall.com/lists/oss-security/2010/11/09/5

Third Party Advisory

Mailing List

http://openwall.com/lists/oss-security/2010/11/10/12

Patch

Third Party Advisory

Mailing List

http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.36.1

Broken Link

http://www.securityfocus.com/bid/44648

Third Party Advisory

VDB Entry

https://bugzilla.redhat.com/show_bug.cgi?id=651147

Patch

Third Party Advisory

Issue Tracking

https://nvd.nist.gov/vuln/detail/CVE-2010-4157

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2010-4157

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2010-4157

EUVD