4.7 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:N/I:N/A:C
6.7 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
10.1%
Dan Rosenberg discovered that multiple terminal ioctls did not correctly
initialize structure memory. A local attacker could exploit this to read
portions of kernel stack memory, leading to a loss of privacy.
(CVE-2010-4075)
Dan Rosenberg discovered that the SCSI subsystem did not correctly validate
iov segments. A local attacker with access to a SCSI device could send
specially crafted requests to crash the system, leading to a denial of
service. (CVE-2010-4163, CVE-2010-4668)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Ubuntu | 10.10 | noarch | linux-image-2.6.35-28-server | < 2.6.35-28.49 | UNKNOWN |
Ubuntu | 10.10 | noarch | block-modules-2.6.35-28-generic-di | < 2.6.35-28.49 | UNKNOWN |
Ubuntu | 10.10 | noarch | block-modules-2.6.35-28-virtual-di | < 2.6.35-28.49 | UNKNOWN |
Ubuntu | 10.10 | noarch | char-modules-2.6.35-28-generic-di | < 2.6.35-28.49 | UNKNOWN |
Ubuntu | 10.10 | noarch | crypto-modules-2.6.35-28-generic-di | < 2.6.35-28.49 | UNKNOWN |
Ubuntu | 10.10 | noarch | crypto-modules-2.6.35-28-virtual-di | < 2.6.35-28.49 | UNKNOWN |
Ubuntu | 10.10 | noarch | fat-modules-2.6.35-28-generic-di | < 2.6.35-28.49 | UNKNOWN |
Ubuntu | 10.10 | noarch | fat-modules-2.6.35-28-virtual-di | < 2.6.35-28.49 | UNKNOWN |
Ubuntu | 10.10 | noarch | fb-modules-2.6.35-28-generic-di | < 2.6.35-28.49 | UNKNOWN |
Ubuntu | 10.10 | noarch | fb-modules-2.6.35-28-virtual-di | < 2.6.35-28.49 | UNKNOWN |