CVE-2010-4074

EUVD-2010-4050
The USB subsystem in the Linux kernel before 2.6.36-rc5 does not properly initialize certain structure members, which allows local users to obtain potentially sensitive information from kernel stack memory via vectors related to TIOCGICOUNT ioctl calls, and the (1) mos7720_ioctl function in drivers/usb/serial/mos7720.c and (2) mos7840_ioctl function in drivers/usb/serial/mos7840.c.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
1.9 UNKNOWN
LOCAL
MEDIUM
AV:L/AC:M/Au:N/C:P/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 22%
Affected Products (NVD)
VendorProductVersion
linuxlinux_kernel
𝑥
< 2.6.36
linuxlinux_kernel
2.6.36
linuxlinux_kernel
2.6.36:rc1
linuxlinux_kernel
2.6.36:rc2
linuxlinux_kernel
2.6.36:rc3
linuxlinux_kernel
2.6.36:rc4
debiandebian_linux
5.0
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
linux
dapper
dne
hardy
Fixed 2.6.24-28.86
released
karmic
Fixed 2.6.31-22.73
released
lucid
not-affected
maverick
not-affected
linux-ec2
dapper
dne
hardy
dne
karmic
Fixed 2.6.31-307.27
released
lucid
not-affected
maverick
ignored
linux-fsl-imx51
dapper
dne
hardy
dne
karmic
Fixed 2.6.31-112.30
released
lucid
Fixed 2.6.31-608.22
released
maverick
dne
linux-lts-backport-maverick
dapper
dne
hardy
dne
karmic
dne
lucid
not-affected
maverick
dne
linux-mvl-dove
dapper
dne
hardy
dne
karmic
ignored
lucid
not-affected
maverick
not-affected
linux-source-2.6.15
dapper
not-affected
hardy
dne
karmic
dne
lucid
dne
maverick
dne
linux-ti-omap4
dapper
dne
hardy
dne
karmic
dne
lucid
dne
maverick
not-affected
Common Weakness Enumeration
References
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=a0846f1868b11cd827bdfeaf4527d8b1b1c0b098
http://lkml.org/lkml/2010/9/15/392
http://secunia.com/advisories/42890
http://www.debian.org/security/2010/dsa-2126
http://www.kernel.org/pub/linux/kernel/v2.6/testing/v2.6.36/ChangeLog-2.6.36-rc5
http://www.openwall.com/lists/oss-security/2010/09/25/2
http://www.openwall.com/lists/oss-security/2010/10/06/6
http://www.openwall.com/lists/oss-security/2010/10/07/1
http://www.openwall.com/lists/oss-security/2010/10/25/3
http://www.redhat.com/support/errata/RHSA-2010-0958.html
http://www.redhat.com/support/errata/RHSA-2011-0007.html
http://www.securityfocus.com/bid/45074
https://bugzilla.redhat.com/show_bug.cgi?id=648659
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=a0846f1868b11cd827bdfeaf4527d8b1b1c0b098
http://lkml.org/lkml/2010/9/15/392
http://secunia.com/advisories/42890
http://www.debian.org/security/2010/dsa-2126
http://www.kernel.org/pub/linux/kernel/v2.6/testing/v2.6.36/ChangeLog-2.6.36-rc5
http://www.openwall.com/lists/oss-security/2010/09/25/2
http://www.openwall.com/lists/oss-security/2010/10/06/6
http://www.openwall.com/lists/oss-security/2010/10/07/1
http://www.openwall.com/lists/oss-security/2010/10/25/3
http://www.redhat.com/support/errata/RHSA-2010-0958.html
http://www.redhat.com/support/errata/RHSA-2011-0007.html
http://www.securityfocus.com/bid/45074
https://bugzilla.redhat.com/show_bug.cgi?id=648659