PT-2010-1041 · Linux+2 · Linux Kernel+2

Dan Rosenberg

Published

2010-08-20

Updated

2024-06-15

CVE-2010-3296

CVSS v2.0

7.2

High

Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 2.6.36-rc5 drbd-kmp-default (affected versions not specified)

Description The issue allows local users to obtain potentially sensitive information from kernel stack memory. Multiple vulnerabilities in the drbd-kmp-default package may lead to breaches of confidentiality, integrity, and availability of protected information. These vulnerabilities can be exploited locally.

Recommendations For Linux kernel versions prior to 2.6.36-rc5, update to version 2.6.36-rc5 or later to resolve the issue. For drbd-kmp-default, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-200CWE-189

Related Identifiers

BDU:2015-05302

CVE-2010-3296

DSA-2126-1

OPENSUSE-SU-2024:10128-1

RHSA-2010:0771

RHSA-2011:0017

RHSA-2011:0421

RHSA-2011_0017

RHSA-2011_0421

Affected Products

Linux Kernel

Red Hat

Drbd-Kmp-Default

PT-2010-1041 · Linux+2 · Linux Kernel+2

CVE-2010-3296

Weakness Enumeration

Related Identifiers

Affected Products

References · 167