CVE-2010-0453
SUN Opensolaris - Improper Input Validation
Title source: ruleDescription
The ucode_ioctl function in intel/io/ucode_drv.c in Sun Solaris 10 and OpenSolaris snv_69 through snv_133, when running on x86 architectures, allows local users to cause a denial of service (panic) via a request with a 0 size value to the UCODE_GET_VERSION IOCTL, which triggers a NULL pointer dereference in the ucode_get_rev function, related to retrieval of the microcode revision.
Exploits (1)
exploitdb
WORKING POC
by Patroklos Argyroudis · cdossolaris
https://www.exploit-db.com/exploits/11351
References (13)
Scores
EPSS
0.0022
EPSS Percentile
44.3%
Details
CWE
CWE-20
Status
published
Products (50)
sun/opensolaris
snv_69
sun/opensolaris
snv_70
sun/opensolaris
snv_71
sun/opensolaris
snv_72
sun/opensolaris
snv_73
sun/opensolaris
snv_74
sun/opensolaris
snv_75
sun/opensolaris
snv_76
sun/opensolaris
snv_77
sun/opensolaris
snv_78
... and 40 more
Published
Feb 03, 2010
Tracked Since
Feb 18, 2026