4.7
CVE-2010-4163
- EPSS 0.39%
- Veröffentlicht 03.01.2011 20:00:42
- Zuletzt bearbeitet 16.06.2026 23:24:14
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
The blk_rq_map_user_iov function in block/blk-map.c in the Linux kernel before 2.6.36.2 allows local users to cause a denial of service (panic) via a zero-length I/O request in a device ioctl to a SCSI device.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version < 2.6.36.2
Suse ≫ Linux Enterprise Desktop Version11 Updatesp1
Suse ≫ Linux Enterprise Real Time Extension Version11 Updatesp1
Suse ≫ Linux Enterprise Server Version11 Updatesp1
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.39% | 0.309 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4.7 | 3.4 | 6.9 |
AV:L/AC:M/Au:N/C:N/I:N/A:C
|
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
http://www.mandriva.com/security/advisories?name=MDVSA-2011:029
http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html
http://www.vupen.com/english/advisories/2011/0298
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00000.html
http://secunia.com/advisories/42778
http://www.vupen.com/english/advisories/2011/0012
http://secunia.com/advisories/42890
http://www.redhat.com/support/errata/RHSA-2011-0007.html
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00001.html
http://secunia.com/advisories/42801
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00004.html
http://secunia.com/advisories/42932
http://www.vupen.com/english/advisories/2011/0124
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.36.2
http://openwall.com/lists/oss-security/2010/11/10/18
http://openwall.com/lists/oss-security/2010/11/12/2
http://www.securityfocus.com/bid/44793
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=9284bcf4e335e5f18a8bc7b26461c33ab60d0689
http://openwall.com/lists/oss-security/2010/11/29/1
https://bugzilla.redhat.com/show_bug.cgi?id=652957