Lucene search

K
cveMitreCVE-2010-4077
HistoryNov 29, 2010 - 4:00 p.m.

CVE-2010-4077

2010-11-2916:00:03
CWE-200
mitre
web.nvd.nist.gov
61
cve-2010-4077
nvd
linux kernel
information security
kernel stack memory
ioctl call

CVSS2

1.9

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:M/Au:N/C:P/I:N/A:N

AI Score

6.7

Confidence

High

EPSS

0

Percentile

15.5%

The ntty_ioctl_tiocgicount function in drivers/char/nozomi.c in the Linux kernel 2.6.36.1 and earlier does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a TIOCGICOUNT ioctl call.

Affected configurations

Nvd
Node
linuxlinux_kernelRange2.6.36.1
VendorProductVersionCPE
linuxlinux_kernel*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

CVSS2

1.9

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:M/Au:N/C:P/I:N/A:N

AI Score

6.7

Confidence

High

EPSS

0

Percentile

15.5%