Lucene search

K
nvd[email protected]NVD:CVE-2010-4668
HistoryJan 03, 2011 - 8:00 p.m.

CVE-2010-4668

2011-01-0320:00:43
CWE-400
web.nvd.nist.gov
12

CVSS2

4.7

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:N/I:N/A:C

AI Score

5.9

Confidence

High

EPSS

0

Percentile

10.1%

The blk_rq_map_user_iov function in block/blk-map.c in the Linux kernel before 2.6.37-rc7 allows local users to cause a denial of service (panic) via a zero-length I/O request in a device ioctl to a SCSI device, related to an unaligned map. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-4163.

Affected configurations

Nvd
Node
linuxlinux_kernelRange<2.6.37
OR
linuxlinux_kernelMatch2.6.37-
OR
linuxlinux_kernelMatch2.6.37rc1
OR
linuxlinux_kernelMatch2.6.37rc2
OR
linuxlinux_kernelMatch2.6.37rc3
OR
linuxlinux_kernelMatch2.6.37rc4
OR
linuxlinux_kernelMatch2.6.37rc5
OR
linuxlinux_kernelMatch2.6.37rc6
VendorProductVersionCPE
linuxlinux_kernel*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
linuxlinux_kernel2.6.37cpe:2.3:o:linux:linux_kernel:2.6.37:-:*:*:*:*:*:*
linuxlinux_kernel2.6.37cpe:2.3:o:linux:linux_kernel:2.6.37:rc1:*:*:*:*:*:*
linuxlinux_kernel2.6.37cpe:2.3:o:linux:linux_kernel:2.6.37:rc2:*:*:*:*:*:*
linuxlinux_kernel2.6.37cpe:2.3:o:linux:linux_kernel:2.6.37:rc3:*:*:*:*:*:*
linuxlinux_kernel2.6.37cpe:2.3:o:linux:linux_kernel:2.6.37:rc4:*:*:*:*:*:*
linuxlinux_kernel2.6.37cpe:2.3:o:linux:linux_kernel:2.6.37:rc5:*:*:*:*:*:*
linuxlinux_kernel2.6.37cpe:2.3:o:linux:linux_kernel:2.6.37:rc6:*:*:*:*:*:*

CVSS2

4.7

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:N/I:N/A:C

AI Score

5.9

Confidence

High

EPSS

0

Percentile

10.1%