Lucene search

K
cve[email protected]CVE-2010-4080
HistoryNov 30, 2010 - 10:14 p.m.

CVE-2010-4080

2010-11-3022:14:00
CWE-200
web.nvd.nist.gov
63
linux
kernel
vulnerability
2.6.36-rc6
sound
pci
nvd
cve-2010-4080

5.6 Medium

AI Score

Confidence

High

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

0.0004 Low

EPSS

Percentile

8.6%

The snd_hdsp_hwdep_ioctl function in sound/pci/rme9652/hdsp.c in the Linux kernel before 2.6.36-rc6 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory via an SNDRV_HDSP_IOCTL_GET_CONFIG_INFO ioctl call.

References

5.6 Medium

AI Score

Confidence

High

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

0.0004 Low

EPSS

Percentile

8.6%

Related for CVE-2010-4080