CVE-2010-3298
published 2010-09-30CVE-2010-3298: The hso_get_count function in drivers/net/usb/hso.c in the Linux kernel before 2.6.36-rc5 does not properly initialize a certain structure member, which allows…
low2.1CVSS 3.1
AVLACLAuNCPINAN
The hso_get_count function in drivers/net/usb/hso.c in the Linux kernel before 2.6.36-rc5 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a TIOCGICOUNT ioctl call.
Affected
11 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| debian | debian_linux | — | — |
| linux | linux_kernel | < 2.6.36 | 2.6.36 |
| linux | linux_kernel | — | — |
| opensuse | opensuse | — | — |
| opensuse | opensuse | — | — |
| suse | linux_enterprise_desktop | — | — |
| suse | linux_enterprise_real_time_extension | — | — |
| suse | linux_enterprise_server | — | — |