CVE-2010-4157
7.7 High
AI Score
Confidence
High
6.2 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:H/Au:N/C:C/I:C/A:C
0.0004 Low
EPSS
Percentile
9.3%
Integer overflow in the ioc_general function in drivers/scsi/gdth.c in the Linux kernel before 2.6.36.1 on 64-bit platforms allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact via a large argument in an ioctl call.
References
git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=f63ae56e4e97fb12053590e41a4fa59e7daa74a4
lists.fedoraproject.org/pipermail/package-announce/2010-December/052513.html
lists.opensuse.org/opensuse-security-announce/2010-12/msg00004.html
lists.opensuse.org/opensuse-security-announce/2011-01/msg00000.html
lists.opensuse.org/opensuse-security-announce/2011-01/msg00001.html
lists.opensuse.org/opensuse-security-announce/2011-01/msg00004.html
lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html
lists.opensuse.org/opensuse-security-announce/2011-02/msg00002.html
ns3.spinics.net/lists/linux-scsi/msg47361.html
openwall.com/lists/oss-security/2010/11/09/1
openwall.com/lists/oss-security/2010/11/09/3
openwall.com/lists/oss-security/2010/11/09/4
openwall.com/lists/oss-security/2010/11/09/5
openwall.com/lists/oss-security/2010/11/10/12
secunia.com/advisories/42745
secunia.com/advisories/42778
secunia.com/advisories/42789
secunia.com/advisories/42801
secunia.com/advisories/42932
secunia.com/advisories/42963
secunia.com/advisories/43291
secunia.com/advisories/46397
www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.36.1
www.redhat.com/support/errata/RHSA-2010-0958.html
www.redhat.com/support/errata/RHSA-2011-0004.html
www.redhat.com/support/errata/RHSA-2011-0162.html
www.securityfocus.com/archive/1/520102/100/0/threaded
www.securityfocus.com/bid/44648
www.vmware.com/security/advisories/VMSA-2011-0012.html
www.vupen.com/english/advisories/2010/3321
www.vupen.com/english/advisories/2011/0012
www.vupen.com/english/advisories/2011/0024
www.vupen.com/english/advisories/2011/0124
www.vupen.com/english/advisories/2011/0168
www.vupen.com/english/advisories/2011/0298
www.vupen.com/english/advisories/2011/0375
bugzilla.redhat.com/show_bug.cgi?id=651147
Social References
More
Related
7.7 High
AI Score
Confidence
High
6.2 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:H/Au:N/C:C/I:C/A:C
0.0004 Low
EPSS
Percentile
9.3%