CVE-2010-4073 - CERT CVE
ID CVE-2010-4073
Sažetak The ipc subsystem in the Linux kernel before 2.6.37-rc1 does not initialize certain structures, which allows local users to obtain potentially sensitive information from kernel stack memory via vectors related to the (1) compat_sys_semctl, (2) compat_sys_msgctl, and (3) compat_sys_shmctl functions in ipc/compat.c; and the (4) compat_sys_mq_open and (5) compat_sys_mq_getsetattr functions in ipc/compat_mq.c.
Reference
CVSS
Base: 1.9
Impact: 2.9
Exploitability:3.4
Pristup
VektorSloženostAutentikacija
LOCAL MEDIUM NONE
Impact
PovjerljivostCjelovitostDostupnost
PARTIAL NONE NONE
CVSS vektor AV:L/AC:M/Au:N/C:P/I:N/A:N
Zadnje važnije ažuriranje 07-11-2023 - 02:06
Objavljeno 29-11-2010 - 16:00