Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
seebugRootSSV:20057
HistoryAug 24, 2010 - 12:00 a.m.

Linux kernel 2.6.x DRM模块IOCTL请求信息泄露漏洞

2010-08-2400:00:00
Root
www.seebug.org
11

0.0004 Low

EPSS

Percentile

10.9%

JSON

BUGTRAQ ID: 42577
CVE ID: CVE-2010-2803

Linux Kernel是开放源码操作系统Linux所使用的内核。

Linux Kernel的drivers/gpu/drm/drm_drv.c驱动中的drm_ioctl()函数没有正确地清除内核内存便将其拷贝到了用户空间,这允许本地用户通过发送特制的IOCTL请求泄露敏感信息。成功利用这个漏洞要求用户又有对DRI路径的读写访问权限。

Linux kernel 2.6.x
厂商补丁:

Linux

目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:

http://git.kernel.org/?p=linux/kernel/git/airlied/drm-2.6.git;a=commitdiff;h=b9f0aee83335db1f3915f4e42a5e21b351740afd
http://git.kernel.org/?p=linux/kernel/git/airlied/drm-2.6.git;a=commitdiff;h=1b2f1489633888d4a06028315dc19d65768a1c05

Ubuntu

Ubuntu已经为此发布了一个安全公告(USN-974-1)以及相应补丁:
USN-974-1:Linux kernel vulnerabilities
链接:https://lists.ubuntu.com/archives/ubuntu-security-announce/2010-August/001143.html

Related

cve 2
prion 2
veracode 1
ubuntucve 1
openvas 14
ubuntu 3
nessus 13
suse 6
osv 1
debian 1
redhat 1
oraclelinux 1
cve
cve
CVE-2010-2803
2010-09-08 20:00:00
CVE-2010-3016
2010-08-17 18:00:00
prion
prion
Memory corruption
2010-09-08 20:00:00
Design/Logic Flaw
2010-08-17 18:00:00
veracode
veracode
Information Disclosure
2020-04-10 00:49:58
ubuntucve
ubuntucve
CVE-2010-2803
2010-08-19 00:00:00
openvas
openvas
Ubuntu Update for Linux kernel vulnerabilities USN-974-1
2010-08-20 00:00:00
Ubuntu Update for linux regression USN-974-2
2010-08-30 00:00:00
Ubuntu: Security Advisory (USN-974-2)
2010-08-30 00:00:00
ubuntu
ubuntu
Linux kernel regression
2010-08-26 00:00:00
Linux kernel vulnerabilities
2010-08-19 00:00:00
Linux kernel vulnerabilities
2011-02-25 00:00:00
nessus
nessus
Ubuntu 6.06 LTS / 8.04 LTS / 9.04 / 9.10 / 10.04 LTS : linux, linux-{ec2,fsl-imx51,mvl-dove,source-2.6.15,ti-omap} vulnerabilities (USN-974-1)
2010-08-20 00:00:00
Ubuntu 8.04 LTS : linux regression (USN-974-2)
2010-08-27 00:00:00
openSUSE Security Update : kernel (openSUSE-SU-2010:0634-1)
2014-06-13 00:00:00
suse
suse
local privilege escalation in kernel
2010-09-17 16:49:15
remote denial of service in kernel
2010-09-13 17:57:23
local privilege escalation in kernel
2010-11-03 13:13:23
osv
osv
linux-2.6 - several issues
2010-08-19 00:00:00
debian
debian
[SECURITY] [DSA 2094-1] New Linux 2.6.26 packages fix several issues
2010-08-20 01:48:11
redhat
redhat
(RHSA-2010:0842) Important: kernel security and bug fix update
2010-11-10 00:00:00
oraclelinux
oraclelinux
kernel security and bug fix update
2011-02-12 00:00:00

0.0004 Low

EPSS

Percentile

10.9%

JSON
Related for SSV:20057
cve2prion2veracode1ubuntucve1openvas14ubuntu3nessus13suse6osv1debian1redhat1oraclelinux1