CVE-2010-4529

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 2.6.37

Description The issue is related to an integer underflow in the irda getsockopt function, which can allow local users to obtain potentially sensitive information from kernel heap memory. This is achieved via an IRLMP ENUMDEVICES getsockopt call.

Recommendations For Linux kernel versions prior to 2.6.37, update to version 2.6.37 or later to resolve the issue. As a temporary workaround, consider restricting access to the irda getsockopt function to minimize the risk of exploitation.