CVSS: 1.9EPSS: 0%CPEs: 1EXPL: 2CVE-2010-4077 – Linux Kenel 2.6.37-rc1 - serial_core TIOCGICOUNT Leak
https://notcve.org/view.php?id=CVE-2010-4077
The ntty_ioctl_tiocgicount function in drivers/char/nozomi.c in the Linux kernel 2.6.36.1 and earlier does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a TIOCGICOUNT ioctl call. La función ntty_ioctl_tiocgicount de drivers/char/nozomi.c del kernel de Linux en versiones anteriores a la 2.6.36.1 y anteriores no inicializa apropiadamente un miembro de una determinada estructura, lo que permite a usuarios locales obtener información potencialmente confidencial de la memoria de la pila del kernel a través de una llamada ioctl TIOCGICOUNT. • https://www.exploit-db.com/exploits/16973 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=d281da7ff6f70efca0553c288bb883e8605b3862 http://lkml.indiana.edu/hypermail//linux/kernel/1009.1/03387.html http://secunia.com/advisories/42890 http://securityreason.com/securityalert/8129 http://www.openwall.com/lists/oss-security/2010/09/25/2 http://www.openwall.com/lists/oss-security/2010/10/06/6 http://www.openwall.com/lists/oss-security/2010/10/0 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 1.9EPSS: 0%CPEs: 7EXPL: 0CVE-2010-4074 – kernel: drivers/usb/serial/mos*.c: reading uninitialized stack memory
https://notcve.org/view.php?id=CVE-2010-4074
The USB subsystem in the Linux kernel before 2.6.36-rc5 does not properly initialize certain structure members, which allows local users to obtain potentially sensitive information from kernel stack memory via vectors related to TIOCGICOUNT ioctl calls, and the (1) mos7720_ioctl function in drivers/usb/serial/mos7720.c and (2) mos7840_ioctl function in drivers/usb/serial/mos7840.c. El subsistema USB del kernel de Linux en versiones anteriores a la 2.6.36-rc5 no inicializa apropiadamente miembros de estructuras, lo que permite a usuarios locales obtener información potencialmente confidencial de la memoria de la pila del kernel a través de vectores relacionados con llamadas ioctl TIOCGICOUNT, y la (1) función mos7720_ioctl de drivers/usb/serial/mos7720.c y (2) mos7840_ioctl de drivers/usb/serial/mos7840.c. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=a0846f1868b11cd827bdfeaf4527d8b1b1c0b098 http://lkml.org/lkml/2010/9/15/392 http://secunia.com/advisories/42890 http://www.debian.org/security/2010/dsa-2126 http://www.kernel.org/pub/linux/kernel/v2.6/testing/v2.6.36/ChangeLog-2.6.36-rc5 http://www.openwall.com/lists/oss-security/2010/09/25/2 http://www.openwall.com/lists/oss-security/2010/10/06/6 http://www.openwall.com/ • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 1.9EPSS: 0%CPEs: 10EXPL: 0CVE-2010-4079 – kernel: drivers/video/ivtv/ivtvfb.c: reading uninitialized stack memory
https://notcve.org/view.php?id=CVE-2010-4079
The ivtvfb_ioctl function in drivers/media/video/ivtv/ivtvfb.c in the Linux kernel before 2.6.36-rc8 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via an FBIOGET_VBLANK ioctl call. La función ivtvfb_ioctl de drivers/media/video/ivtv/ivtvfb.c del kernel de Linux en versiones anteriores a la 2.6.36-rc8 no inicializa apropiadamente un miembro determinado de una estructura, lo que permite a usuarios locales obtener información potencialmente confidencial de la memoria de pila del kernel a través de una llamada ioctl FBIOGET_VBLANK. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=405707985594169cfd0b1d97d29fcb4b4c6f2ac9 http://lkml.org/lkml/2010/9/15/393 http://secunia.com/advisories/42890 http://www.debian.org/security/2010/dsa-2126 http://www.kernel.org/pub/linux/kernel/v2.6/testing/v2.6.36/ChangeLog-2.6.36-rc8 http://www.openwall.com/lists/oss-security/2010/09/25/2 http://www.openwall.com/lists/oss-security/2010/10/06/6 http://www.openwall.com/ • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 1.9EPSS: 0%CPEs: 15EXPL: 0CVE-2010-4072 – kernel: ipc/shm.c: reading uninitialized stack memory
https://notcve.org/view.php?id=CVE-2010-4072
The copy_shmid_to_user function in ipc/shm.c in the Linux kernel before 2.6.37-rc1 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory via vectors related to the shmctl system call and the "old shm interface." La función copy_shmid_to_user de ipc/shm.c del kernel de Linux en versiones anteriores a la 2.6.37-rc1 no inicializa una determinada estructura, lo que permite a usuarios locales obtener información potencialmente confidencial de la memoria de la pila a través de vectores de ataque relacionados con la llamada del sistema shmctl y el interfaz shm antigua. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=3af54c9bd9e6f14f896aac1bb0e8405ae0bc7a44 http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00002.html http://lkml.or • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 1.9EPSS: 0%CPEs: 10EXPL: 2CVE-2010-4073 – Linux Kernel < 2.6.36.2 (Ubuntu 10.04) - 'Half-Nelson.c' Econet Privilege Escalation
https://notcve.org/view.php?id=CVE-2010-4073
The ipc subsystem in the Linux kernel before 2.6.37-rc1 does not initialize certain structures, which allows local users to obtain potentially sensitive information from kernel stack memory via vectors related to the (1) compat_sys_semctl, (2) compat_sys_msgctl, and (3) compat_sys_shmctl functions in ipc/compat.c; and the (4) compat_sys_mq_open and (5) compat_sys_mq_getsetattr functions in ipc/compat_mq.c. El subsistema ipc del kernel de Linux en versiones anteriores a la 2.6.37-rc1 no inicializa determinadas estructuras, lo que permite a usuarios locales obtener información potencialmente confidencial de la memoria de la pila del kernel a través de vectores relacionados con las funciones (1) compat_sys_semctl, (2) compat_sys_msgctl, y (3) compat_sys_shmctl de ipc/compat.c; y las funciones (4) compat_sys_mq_open y (5) compat_sys_mq_getsetattr de ipc/compat_mq.c. • https://www.exploit-db.com/exploits/17787 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=03145beb455cf5c20a761e8451e30b8a74ba58d9 http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html http://lists.opensuse.org/opensuse-security-ann • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •