CVE-2010-4157 — Integer Overflow or Wraparound in Kernel

CWE-190 — Integer Overflow or Wraparound13 documents6 sources

Severity

6.2MEDIUMNVD

EPSS

0.1%

top 70.24%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

7

Linux Kernel Fedoraproject Fedora Opensuse +4 more

Timeline

PublishedDec 10

Latest updateMay 13

Description

Integer overflow in the ioc_general function in drivers/scsi/gdth.c in the Linux kernel before 2.6.36.1 on 64-bit platforms allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact via a large argument in an ioctl call.

CVSS vector

AV:L/AC:H/C:C/I:C/A:CExploitability: 1.9 | Impact: 10.0

Affected Packages6 packages

▶NVDlinux/linux_kernel< 2.6.36.1

▶NVDsuse/linux_enterprise_server10, 11, 9+2

▶NVDsuse/linux_enterprise_desktop10, 11+1

▶NVDsuse/linux_enterprise_real_time_extension11

▶NVDsuse/linux_enterprise_software_development_kit10

Also affects: Fedora 13

Patches

Patch: openwall.com ↗Patch: openwall.com ↗Patch: openwall.com ↗

🔴Vulnerability Details

2

GHSA

GHSA-p83g-f9xr-p3gp: Integer overflow in the ioc_general function in drivers/scsi/gdth↗2022-05-13

▶

CVEList

CVE-2010-4157: Integer overflow in the ioc_general function in drivers/scsi/gdth↗2010-12-10

▶

📋Vendor Advisories

9

Ubuntu

Linux kernel (OMAP4) vulnerabilities↗2011-09-13

▶

Ubuntu

Linux kernel vulnerabilities (i.MX51)↗2011-07-06

▶

Ubuntu

Linux Kernel vulnerabilities (Marvell Dove)↗2011-03-25

▶

Ubuntu

Linux kernel vulnerabilities↗2011-03-03

▶

Ubuntu

Linux kernel vulnerabilities↗2011-02-25

▶

💬Community

1

Bugzilla

CVE-2010-4157 kernel: gdth: integer overflow in ioc_general()↗2010-11-08

▶

CVE-2010-4157 — Integer Overflow or Wraparound | cvebase