CVE-2010-4083

The copy_semid_to_user function in ipc/sem.c in the Linux kernel before 2.6.36 does not initialize a certain structure, which allows local…

mitre·CWE-909·Published 2010-11-30

CVSS

—

EPSS

0.00

KEV

Exploits

cve.orgen

310 chars

The copy_semid_to_user function in ipc/sem.c in the Linux kernel before 2.6.36 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory via a (1) IPC_INFO, (2) SEM_INFO, (3) IPC_STAT, or (4) SEM_STAT command in a semctl system call.

NVDen

310 chars

NVDes

355 chars

La función copy_semid_to_user en ipc/sem.c en el kernel de Linux asntes de v2.6.36 no inicializa una determinada estructura, lo que permite a usuarios locales obtener información potencialmente sensible de la pila de la memoria del kernel a través de un comando (1) IPC_INFO, (2) SEM_INFO, ( 3) IPC_STAT, o (4) SEM_STAT en una llamada al sistema semctl.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	1.9	3.4	2.9	AV:L/AC:M/Au:N/C:P/I:N/A:N