CVE-2010-4565

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 2.6.37

Description The issue allows local users to obtain potentially sensitive information about kernel memory use. This is due to the bcm connect function in the Controller Area Network (CAN) implementation creating a publicly accessible file with a filename containing a kernel memory address.

Recommendations For Linux kernel versions prior to 2.6.37, consider upgrading to version 2.6.37 or later to resolve the issue. As a temporary workaround, consider restricting access to the publicly accessible file created by the bcm connect function to minimize the risk of exploitation.