CVE-2010-2955
published 2010-09-08CVE-2010-2955: The cfg80211_wext_giwessid function in net/wireless/wext-compat.c in the Linux kernel before 2.6.36-rc3-next-20100831 does not properly initialize certain…
low2.1CVSS 3.1
AVLACLAuNCPINAN
The cfg80211_wext_giwessid function in net/wireless/wext-compat.c in the Linux kernel before 2.6.36-rc3-next-20100831 does not properly initialize certain structure members, which allows local users to leverage an off-by-one error in the ioctl_standard_iw_point function in net/wireless/wext-core.c, and obtain potentially sensitive information from kernel heap memory, via vectors involving an SIOCGIWESSID ioctl call that specifies a large buffer size.
Affected
13 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| linux | linux_kernel | < 2.6.36 | 2.6.36 |
| linux | linux_kernel | — | — |
| linux | linux_kernel | >= 0 < 3.11.0-12.19 | 3.11.0-12.19 |
| opensuse | opensuse | — | — |
| suse | linux_enterprise_desktop | — | — |
| suse | linux_enterprise_real_time_extension | — | — |
| suse | linux_enterprise_server | — | — |
CVSS provenance
nvd2.1LOWAV:L/AC:L/Au:N/C:P/I:N/A:N
osv2.1LOW