CVE-2010-3874: Out-of-bounds Write in Kernel

CWE-787: Out-of-bounds Write | 11 documents | 6 sources
Severity: 4.0 MEDIUM (NVD)
EPSS: 0.1% (top 73.50%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline
Published: Dec 29
Latest update: May 13

Description

Heap-based buffer overflow in the bcm_connect function in net/can/bcm.c (aka the Broadcast Manager) in the Controller Area Network (CAN) implementation in the Linux kernel before 2.6.36.2 on 64-bit platforms might allow local users to cause a denial of service (memory corruption) via a connect operation.

CVSS vector

AV:L/AC:H/C:N/I:N/A:C
Exploitability: 1.9 | Impact: 6.9

Affected Packages (5 packages)

Also affects: Debian Linux 5.0, Fedora 13

Patches

🔴 Vulnerability Details (2)

GHSA | GHSA-jg8g-r9vq-jqfp: Heap-based buffer overflow in the bcm_connect function in net/can/bcm | 2022-05-13
CVEList | CVE-2010-3874: Heap-based buffer overflow in the bcm_connect function in net/can/bcm | 2010-12-29

📋 Vendor Advisories (7)

Ubuntu | Linux kernel (OMAP4) vulnerabilities | 2011-09-13
Ubuntu | Linux kernel vulnerabilities (i.MX51) | 2011-07-06
Ubuntu | Linux Kernel vulnerabilities (Marvell Dove) | 2011-03-25
Ubuntu | Linux kernel vulnerabilities | 2011-03-03
Ubuntu | Linux kernel vulnerabilities | 2011-02-25

💬 Community (1)

Bugzilla | CVE-2010-3874 kernel: CAN minor heap overflow | 2010-11-04