CVE-2010-1162
5.8 Medium
AI Score
Confidence
Low
7.2 High
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.001 Low
EPSS
Percentile
27.4%
The release_one_tty function in drivers/char/tty_io.c in the Linux kernel before 2.6.34-rc4 omits certain required calls to the put_pid function, which has unspecified impact and local attack vectors.
References
git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=6da8d866d0d39e9509ff826660f6a86a6757c966
lists.opensuse.org/opensuse-security-announce/2010-07/msg00006.html
secunia.com/advisories/39830
secunia.com/advisories/40645
www.debian.org/security/2010/dsa-2053
www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.34-rc4
www.mandriva.com/security/advisories?name=MDVSA-2010:198
www.openwall.com/lists/oss-security/2010/04/14/1
www.openwall.com/lists/oss-security/2010/04/15/1
www.openwall.com/lists/oss-security/2010/04/15/2
www.openwall.com/lists/oss-security/2010/04/16/1
www.vupen.com/english/advisories/2010/1857
bugzilla.redhat.com/show_bug.cgi?id=582076
Social References
More
Related
5.8 Medium
AI Score
Confidence
Low
7.2 High
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.001 Low
EPSS
Percentile
27.4%