CVE-2010-4077

Linux Kernel < 2.6.36.1 - Information Disclosure

Title source: rule

Description

The ntty_ioctl_tiocgicount function in drivers/char/nozomi.c in the Linux kernel 2.6.36.1 and earlier does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a TIOCGICOUNT ioctl call.

Exploits (1)

exploitdb WORKING POC

by prdelka · cdoslinux

https://www.exploit-db.com/exploits/16973

View Code ZIP pw:eip

References (12)

[Patch] http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=d281da7ff6f70efca0553c288bb883e8605b3862

[Patch, Third Party Advisory] http://lkml.indiana.edu/hypermail//linux/kernel/1009.1/03387.html

[Third Party Advisory] http://secunia.com/advisories/42890

[Exploit, Third Party Advisory] http://securityreason.com/securityalert/8129

[Mailing List, Patch, Third Party Advisory] http://www.openwall.com/lists/oss-security/2010/09/25/2

[Mailing List, Third Party Advisory] http://www.openwall.com/lists/oss-security/2010/10/06/6

[Mailing List, Patch, Third Party Advisory] http://www.openwall.com/lists/oss-security/2010/10/07/1

[Mailing List, Patch, Third Party Advisory] http://www.openwall.com/lists/oss-security/2010/10/25/3

[Third Party Advisory] http://www.redhat.com/support/errata/RHSA-2010-0958.html

[Third Party Advisory] http://www.redhat.com/support/errata/RHSA-2011-0007.html

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/45059

[Issue Tracking, Patch, Third Party Advisory] https://bugzilla.redhat.com/show_bug.cgi?id=648663

Scores

EPSS 0.0048

EPSS Percentile 65.2%

Details

CWE

CWE-200

Status published

Products (1)

linux/linux_kernel < 2.6.36.1

Published Nov 29, 2010

Tracked Since Feb 18, 2026