Back to search
CVE-2010-3298
Published: Sep 30, 2010
Modified: Aug 7, 2024
PUBLISHED
Description
The hso_get_count function in drivers/net/usb/hso.c in the Linux kernel before 2.6.36-rc5 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a TIOCGICOUNT ioctl call.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.36-rc5
x_refsource_CONFIRM
[oss-security] 20100914 Re: CVE request: kernel: numerous infoleaks
mailing-list
x_refsource_MLIST
[oss-security] 20100914 CVE request: kernel: numerous infoleaks
mailing-list
x_refsource_MLIST
USN-1041-1
vendor-advisory
x_refsource_UBUNTU
RHSA-2011:0007
vendor-advisory
x_refsource_REDHAT
SUSE-SA:2011:007
vendor-advisory
x_refsource_SUSE
[linux-kernel] 20100911 [PATCH] drivers/net/usb/hso.c: prevent reading uninitialized memory
mailing-list
x_refsource_MLIST
ADV-2011-0298
vdb-entry
x_refsource_VUPEN
SUSE-SA:2010:050
vendor-advisory
x_refsource_SUSE
42758
third-party-advisory
x_refsource_SECUNIA
42890
third-party-advisory
x_refsource_SECUNIA
https://bugzilla.redhat.com/show_bug.cgi?id=633140
x_refsource_CONFIRM
43226
vdb-entry
x_refsource_BID
ADV-2011-0070
vdb-entry
x_refsource_VUPEN
41440
third-party-advisory
x_refsource_SECUNIA
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now