CVE-2010-0003

The print_fatal_signal function in kernel/signal.c in the Linux kernel before 2.6.32.4 on the i386 platform, when print-fatal-signals is enabled, allows local users to discover the contents of arbitrary memory locations by jumping to an address and then reading a log file, and might allow local users to cause a denial of service (system slowdown or crash) by jumping to an address.
Severity
UNKNOWN
AV:L/AC:M/Au:N/C:P/I:N/A:C
Atk. Vector
LOCAL
Atk. Complexity
MEDIUM
Base Score
CVSS 3.x
EPSS Score
Percentile: 12%
VendorProductVersion
linuxlinux_kernel
𝑥
< 2.6.32.4
debiandebian_linux
4.0
debiandebian_linux
5.0
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
linux
karmic
Fixed 2.6.31-19.56
released
jaunty
Fixed 2.6.28-18.59
released
intrepid
Fixed 2.6.27-17.45
released
hardy
Fixed 2.6.24-27.65
released
dapper
dne
linux-source-2.6.15
karmic
dne
jaunty
dne
intrepid
dne
hardy
dne
dapper
not-affected
References