Lucene search

K
cve[email protected]CVE-2010-3859
HistoryDec 29, 2010 - 6:00 p.m.

CVE-2010-3859

2010-12-2918:00:00
CWE-787
web.nvd.nist.gov
62
4
cve-2010-3859
linux kernel
integer signedness errors
privilege escalation
heap-based buffer overflow
tipc implementation
nvd

7.5 High

AI Score

Confidence

High

6.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

8.6%

Multiple integer signedness errors in the TIPC implementation in the Linux kernel before 2.6.36.2 allow local users to gain privileges via a crafted sendmsg call that triggers a heap-based buffer overflow, related to the tipc_msg_build function in net/tipc/msg.c and the verify_iovec function in net/core/iovec.c.

References

Social References

More

7.5 High

AI Score

Confidence

High

6.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

8.6%

Related for CVE-2010-3859