7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7 High
AI Score
Confidence
High
7.2 High
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.006 Low
EPSS
Percentile
77.2%
Kees Cook discovered that some ethtool functions did not correctly clear
heap memory. A local attacker with CAP_NET_ADMIN privileges could exploit
this to read portions of kernel heap memory, leading to a loss of privacy.
(CVE-2010-4655)
Kees Cook discovered that the IOWarrior USB device driver did not correctly
check certain size fields. A local attacker with physical access could plug
in a specially crafted USB device to crash the system or potentially gain
root privileges. (CVE-2010-4656)
Goldwyn Rodrigues discovered that the OCFS2 filesystem did not correctly
clear memory when writing certain file holes. A local attacker could
exploit this to read uninitialized data from the disk, leading to a loss of
privacy. (CVE-2011-0463)
Jens Kuehnel discovered that the InfiniBand driver contained a race
condition. On systems using InfiniBand, a local attacker could send
specially crafted requests to crash the system, leading to a denial of
service. (CVE-2011-0695)
Rafael Dominguez Vega discovered that the caiaq Native Instruments USB
driver did not correctly validate string lengths. A local attacker with
physical access could plug in a specially crafted USB device to crash the
system or potentially gain root privileges. (CVE-2011-0712)
Timo Warns discovered that LDM partition parsing routines did not correctly
calculate block counts. A local attacker with physical access could plug in
a specially crafted block device to crash the system, leading to a denial
of service. (CVE-2011-1012)
Timo Warns discovered that the LDM disk partition handling code did not
correctly handle certain values. By inserting a specially crafted disk
device, a local attacker could exploit this to gain root privileges.
(CVE-2011-1017)
Tavis Ormandy discovered that the pidmap function did not correctly handle
large requests. A local attacker could exploit this to crash the system,
leading to a denial of service. (CVE-2011-1593)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Ubuntu | 8.04 | noarch | linux-image-2.6.24-29-sparc64 | < 2.6.24-29.90 | UNKNOWN |
Ubuntu | 8.04 | noarch | acpi-modules-2.6.24-29-generic-di | < 2.6.24-29.90 | UNKNOWN |
Ubuntu | 8.04 | noarch | block-modules-2.6.24-29-generic-di | < 2.6.24-29.90 | UNKNOWN |
Ubuntu | 8.04 | noarch | crypto-modules-2.6.24-29-generic-di | < 2.6.24-29.90 | UNKNOWN |
Ubuntu | 8.04 | noarch | fat-modules-2.6.24-29-generic-di | < 2.6.24-29.90 | UNKNOWN |
Ubuntu | 8.04 | noarch | fb-modules-2.6.24-29-generic-di | < 2.6.24-29.90 | UNKNOWN |
Ubuntu | 8.04 | noarch | firewire-core-modules-2.6.24-29-generic-di | < 2.6.24-29.90 | UNKNOWN |
Ubuntu | 8.04 | noarch | floppy-modules-2.6.24-29-generic-di | < 2.6.24-29.90 | UNKNOWN |
Ubuntu | 8.04 | noarch | fs-core-modules-2.6.24-29-generic-di | < 2.6.24-29.90 | UNKNOWN |
Ubuntu | 8.04 | noarch | fs-secondary-modules-2.6.24-29-generic-di | < 2.6.24-29.90 | UNKNOWN |
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7 High
AI Score
Confidence
High
7.2 High
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.006 Low
EPSS
Percentile
77.2%