Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2010-4158: Sensitive Information Exposure in Kernel

Severity: 2.1 LOW (NVD)
EPSS: 0.2% (top 57.97%)
CISA KEV: Not in KEV
Exploit: PoC available (public exploit / PoC exists)
Timeline
Published: Dec 30
Latest update: May 13

Description

The sk_run_filter function in net/core/filter.c in the Linux kernel before 2.6.36.2 does not check whether a certain memory location has been initialized before executing a (1) BPF_S_LD_MEM or (2) BPF_S_LDX_MEM instruction, which allows local users to obtain potentially sensitive information from kernel stack memory via a crafted socket filter.

CVSS vector

AV:L/AC:L/C:P/I:N/A:N
Exploitability: 3.9 | Impact: 2.9

Affected Packages: 6 packages

Also affects: Fedora 13

Patches

🔴 Vulnerability Details (2)

GHSA: GHSA-9x53-5f6r-73cq: The sk_run_filter function in net/core/filter (2022-05-13)
CVEList: CVE-2010-4158: The sk_run_filter function in net/core/filter (2010-12-30)

💥 Exploits & PoCs (1)

Exploit-DB: Linux Kernel 2.6.x - 'net/core/filter.c' Local Information Disclosure (2010-11-09)

📋 Vendor Advisories (11)

Ubuntu: Linux kernel (i.MX51) vulnerabilities (2011-09-13)
Ubuntu: Linux kernel (OMAP4) vulnerabilities (2011-04-20)
Ubuntu: Linux kernel vulnerabilities (2011-04-05)
Ubuntu: Linux Kernel vulnerabilities (Marvell Dove) (2011-03-25)
Ubuntu: Linux Kernel vulnerabilities (2011-03-25)

💬 Community (2)

Bugzilla: CVE-2010-4161 kernel: rhel5 commit 6865201191 caused deadlock (2010-11-12)
Bugzilla: CVE-2010-4158 kernel: socket filters infoleak (2010-11-10)