Vulnerability Details : CVE-2010-4157
Integer overflow in the ioc_general function in drivers/scsi/gdth.c in the Linux kernel before 2.6.36.1 on 64-bit platforms allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact via a large argument in an ioctl call.
Vulnerability category: OverflowMemory CorruptionDenial of service
Exploit prediction scoring system (EPSS) score for CVE-2010-4157
Probability of exploitation activity in the next 30 days: 0.04%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 8 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2010-4157
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
6.2
|
MEDIUM | AV:L/AC:H/Au:N/C:C/I:C/A:C |
1.9
|
10.0
|
NIST |
CWE ids for CVE-2010-4157
-
The product performs a calculation that can produce an integer overflow or wraparound, when the logic assumes that the resulting value will always be larger than the original value. This can introduce other weaknesses when the calculation is used for resource management or execution control.Assigned by: nvd@nist.gov (Primary)
References for CVE-2010-4157
-
http://www.vupen.com/english/advisories/2011/0168
Webmail | OVH- OVHThird Party Advisory
-
http://www.vupen.com/english/advisories/2010/3321
Webmail | OVH- OVHThird Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00002.html
[security-announce] SUSE Security Announcement: Linux kernel (SUSE-SA:20Mailing List;Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00000.html
[security-announce] SUSE Security Announcement: Linux kernel (SUSE-SA:20Mailing List;Third Party Advisory
-
http://www.redhat.com/support/errata/RHSA-2011-0162.html
SupportThird Party Advisory
-
https://bugzilla.redhat.com/show_bug.cgi?id=651147
651147 – (CVE-2010-4157) CVE-2010-4157 kernel: gdth: integer overflow in ioc_general()Issue Tracking;Patch;Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00004.html
[security-announce] SUSE Security Announcement: Linux kernel (SUSE-SA:20Mailing List;Third Party Advisory
-
http://www.securityfocus.com/bid/44648
Linux Kernel 'drivers/scsi/gdth.c' IOCTL Local Privilege Escalation VulnerabilityThird Party Advisory;VDB Entry
-
http://www.vupen.com/english/advisories/2011/0124
Webmail | OVH- OVHThird Party Advisory
-
http://openwall.com/lists/oss-security/2010/11/09/3
oss-security - Re: CVE request: kernel: gdth: integer overflow in ioc_general()Mailing List;Patch;Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html
[security-announce] SUSE Security Announcement: Realtime Linux Kernel (SMailing List;Third Party Advisory
-
http://openwall.com/lists/oss-security/2010/11/09/4
oss-security - Re: CVE request: kernel: gdth: integer overflow in ioc_general()Exploit;Mailing List;Patch;Third Party Advisory
-
http://www.securityfocus.com/archive/1/520102/100/0/threaded
SecurityFocusThird Party Advisory;VDB Entry
-
http://openwall.com/lists/oss-security/2010/11/10/12
oss-security - Re: CVE request: kernel: gdth: integer overflow in ioc_general()Mailing List;Patch;Third Party Advisory
-
http://www.vmware.com/security/advisories/VMSA-2011-0012.html
VMSA-2011-0012.3Third Party Advisory
-
http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052513.html
[SECURITY] Fedora 13 Update: kernel-2.6.34.7-66.fc13Third Party Advisory
-
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.36.1
404: File not foundBroken Link
-
http://www.vupen.com/english/advisories/2011/0375
Webmail | OVH- OVHThird Party Advisory
-
http://www.vupen.com/english/advisories/2011/0012
Webmail | OVH- OVHThird Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00001.html
[security-announce] SUSE Security Announcement: Linux kernel (SUSE-SA:20Mailing List;Third Party Advisory
-
http://openwall.com/lists/oss-security/2010/11/09/1
oss-security - CVE request: kernel: gdth: integer overflow in ioc_general()Mailing List;Patch;Third Party Advisory
-
http://www.redhat.com/support/errata/RHSA-2011-0004.html
SupportThird Party Advisory
-
http://openwall.com/lists/oss-security/2010/11/09/5
oss-security - Re: CVE request: kernel: gdth: integer overflow in ioc_general()Mailing List;Third Party Advisory
-
http://www.redhat.com/support/errata/RHSA-2010-0958.html
SupportThird Party Advisory
-
http://www.vupen.com/english/advisories/2011/0298
Webmail | OVH- OVHThird Party Advisory
-
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=f63ae56e4e97fb12053590e41a4fa59e7daa74a4
-
http://ns3.spinics.net/lists/linux-scsi/msg47361.html
Broken Link
-
http://www.vupen.com/english/advisories/2011/0024
Webmail | OVH- OVHThird Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00004.html
[security-announce] SUSE Security Announcement: Linux kernel (SUSE-SA:20Mailing List;Third Party Advisory
Products affected by CVE-2010-4157
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:x64:*
- cpe:2.3:o:suse:linux_enterprise_desktop:11:sp1:*:*:*:*:*:*
- cpe:2.3:o:suse:linux_enterprise_desktop:10:sp3:*:*:*:*:*:*
- cpe:2.3:o:suse:linux_enterprise_server:11:sp1:*:*:*:*:*:*
- cpe:2.3:o:suse:linux_enterprise_server:9:*:*:*:*:*:*:*
- cpe:2.3:o:suse:linux_enterprise_server:10:sp3:*:*:*:*:*:*
- cpe:2.3:o:suse:linux_enterprise_software_development_kit:10:sp3:*:*:*:*:*:*
- cpe:2.3:o:suse:linux_enterprise_real_time_extension:11:sp1:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:13:*:*:*:*:*:*:*
- cpe:2.3:o:opensuse:opensuse:11.3:*:*:*:*:*:*:*
- cpe:2.3:o:opensuse:opensuse:11.2:*:*:*:*:*:*:*