PT-2011-1106 · Linux+1 · Linux Kernel+1

Vasiliy Kulikov

·

Published

2011-01-03

·

Updated

2023-02-13

·

CVE-2010-3876

CVSS v2.0

10

High

VectorAV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 2.6.37-rc2 kernel-devel-2.6.9 kernel-doc-2.6.9 kernel-hugemem-2.6.9 kernel-2.6.9 kernel-largesmp-2.6.9 kernel-smp-devel-2.6.9 kernel-smp-2.6.9 kernel-hugemem-devel-2.6.9 kernel-largesmp-devel-2.6.9 kernel-smp-devel-2.6.9
Description The issue affects the Linux kernel and can lead to a breach of confidentiality, integrity, and availability of protected information. Exploitation can be done remotely. Local users can obtain potentially sensitive information from kernel stack memory by leveraging the CAP NET RAW capability to read copies of the applicable structures.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Memory Corruption

Resource Exhaustion

Weakness Enumeration

CWE-787CWE-909CWE-400

Related Identifiers

BDU:2015-06240
BDU:2015-06252
BDU:2015-06256
BDU:2015-06261
BDU:2015-06262
BDU:2015-06266
BDU:2015-06267
BDU:2015-06270
BDU:2015-06271
BDU:2015-08630
BDU:2015-08631
BDU:2015-08632
BDU:2015-08633
BDU:2015-08634
BDU:2015-08635
BDU:2015-08636
BDU:2015-08637
BDU:2015-08638
CVE-2010-3876
DSA-2126-1
RHSA-2010:0958
RHSA-2011:0004
RHSA-2011:0007
RHSA-2011:0162
RHSA-2011_0004
RHSA-2011_0007
RHSA-2011_0162

Affected Products

Linux Kernel
Red Hat