CVE-2010-3298

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 2.6.36-rc5

Description The issue is related to the hso get count function in the Linux kernel, which does not properly initialize a certain structure member. This allows local users to obtain potentially sensitive information from kernel stack memory via a TIOCGICOUNT ioctl call.

Recommendations For Linux kernel versions prior to 2.6.36-rc5, update to version 2.6.36-rc5 or later to resolve the issue. As a temporary workaround, consider restricting access to the TIOCGICOUNT ioctl call to minimize the risk of exploitation.