QwikSec

Security Database

CVE

CWE

Training

CVE-2010-3014

Published: Aug 20, 2010

Modified: Aug 7, 2024

PUBLISHED

Description

The Coda filesystem kernel module, as used in NetBSD and FreeBSD, when Coda is loaded and Venus is running with /coda mounted, allows local users to read sensitive heap memory via a large out_size value in a ViceIoctl struct to a Coda ioctl, which triggers a buffer over-read.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://cvsweb.netbsd.org/bsdweb.cgi/src/sys/coda/coda.h.diff?r1=1.15&r2=1.16&only_with_tag=MAIN

x_refsource_CONFIRM

http://www.vsecurity.com/resources/advisory/20100816-1/

x_refsource_MISC

http://svn.freebsd.org/viewvc/base?view=revision&revision=210997

x_refsource_CONFIRM

20100816 CVE-2010-3014: Coda Filesystem Kernel Memory Disclosure

mailing-list

x_refsource_BUGTRAQ

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.