CVE-2010-4078

Name of the Vulnerable Software and Affected Versions SUSE Linux Enterprise (affected versions not specified) Linux kernel versions prior to 2.6.36-rc6

Description The issue concerns multiple vulnerabilities in the Linux kernel, specifically affecting the sisfb ioctl function in drivers/video/sis/sis main.c. These vulnerabilities can be exploited remotely, potentially leading to a disruption in the availability of protected information. The sisfb ioctl function does not properly initialize a certain structure member, allowing local users to obtain potentially sensitive information from kernel stack memory via an FBIOGET VBLANK ioctl call.

Recommendations For Linux kernel versions prior to 2.6.36-rc6, update to version 2.6.36-rc6 or later to resolve the issue. At the moment, there is no information about a newer version of SUSE Linux Enterprise that contains a fix for this vulnerability.