CVE-2010-3437
EXPLOITEDLinux kernel <2.6.36-rc6 - Info Disclosure/DoS
Title source: llmDescription
Integer signedness error in the pkt_find_dev_from_minor function in drivers/block/pktcdvd.c in the Linux kernel before 2.6.36-rc6 allows local users to obtain sensitive information from kernel memory or cause a denial of service (invalid pointer dereference and system crash) via a crafted index value in a PKT_CTRL_CMD_STATUS ioctl call.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Jon Oberheide · clocallinux
https://www.exploit-db.com/exploits/15150
References (24)
... and 4 more
Scores
EPSS
0.0183
EPSS Percentile
83.0%
Details
VulnCheck KEV
2026-02-09
CWE
CWE-476
Status
published
Products (18)
canonical/ubuntu_linux
6.06
canonical/ubuntu_linux
8.04
canonical/ubuntu_linux
9.04
canonical/ubuntu_linux
9.10
canonical/ubuntu_linux
10.04
canonical/ubuntu_linux
10.10
debian/debian_linux
5.0
linux/linux_kernel
2.6.36 (6 CPE variants)
linux/linux_kernel
< 2.6.36
opensuse/opensuse
11.2
... and 8 more
Published
Oct 04, 2010
Tracked Since
Feb 18, 2026