CVE-2010-4656

2011-01-2500:00:00

ubuntu.com

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.3%

JSON

The iowarrior_write function in drivers/usb/misc/iowarrior.c in the Linux
kernel before 2.6.37 does not properly allocate memory, which might allow
local users to trigger a heap-based buffer overflow, and consequently cause
a denial of service or gain privileges, via a long report.

OSVersionArchitecturePackageVersionFilename
ubuntu8.04noarchlinux< 2.6.24-29.90UNKNOWN
ubuntu10.04noarchlinux< 2.6.32-31.60UNKNOWN
ubuntu10.10noarchlinux< 2.6.35-29.51UNKNOWN
ubuntu10.04noarchlinux-ec2< 2.6.32-315.28UNKNOWN
ubuntu10.04noarchlinux-fsl-imx51< 2.6.31-609.26UNKNOWN
ubuntu10.04noarchlinux-lts-backport-maverick< 2.6.35-30.54~lucid1UNKNOWN
ubuntu10.04noarchlinux-mvl-dove< 2.6.32-216.33UNKNOWN
ubuntu10.10noarchlinux-mvl-dove< 2.6.32-416.33UNKNOWN
ubuntu10.10noarchlinux-ti-omap4< 2.6.35-903.23UNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	8.04	noarch	linux	< 2.6.24-29.90	UNKNOWN
ubuntu	10.04	noarch	linux	< 2.6.32-31.60	UNKNOWN
ubuntu	10.10	noarch	linux	< 2.6.35-29.51	UNKNOWN
ubuntu	10.04	noarch	linux-ec2	< 2.6.32-315.28	UNKNOWN
ubuntu	10.04	noarch	linux-fsl-imx51	< 2.6.31-609.26	UNKNOWN
ubuntu	10.04	noarch	linux-lts-backport-maverick	< 2.6.35-30.54~lucid1	UNKNOWN
ubuntu	10.04	noarch	linux-mvl-dove	< 2.6.32-216.33	UNKNOWN
ubuntu	10.10	noarch	linux-mvl-dove	< 2.6.32-416.33	UNKNOWN
ubuntu	10.10	noarch	linux-ti-omap4	< 2.6.35-903.23	UNKNOWN