CVE-2010-4565
Linux Kernel < 2.6.36 - Exposure of Sensitive Information via CAN Broadcast Manager Filename
Title source: llmDescription
The bcm_connect function in net/can/bcm.c (aka the Broadcast Manager) in the Controller Area Network (CAN) implementation in the Linux kernel 2.6.36 and earlier creates a publicly accessible file with a filename containing a kernel memory address, which allows local users to obtain potentially sensitive information about kernel memory use by listing this filename.
References (11)
Core 11
Core References
Mailing List, Third Party Advisory mailing-list
x_refsource_mlist
http://openwall.com/lists/oss-security/2010/12/20/2
Mailing List, Third Party Advisory mailing-list
x_refsource_mlist
http://www.spinics.net/lists/netdev/msg145796.html
Mailing List, Patch, Third Party Advisory mailing-list
x_refsource_mlist
http://www.spinics.net/lists/netdev/msg146270.html
Mailing List, Third Party Advisory mailing-list
x_refsource_mlist
http://openwall.com/lists/oss-security/2010/12/21/1
Mailing List, Third Party Advisory mailing-list
x_refsource_mlist
http://openwall.com/lists/oss-security/2010/11/04/4
Issue Tracking, Third Party Advisory x_refsource_misc
https://bugzilla.redhat.com/show_bug.cgi?id=664544
Mailing List, Third Party Advisory mailing-list
x_refsource_mlist
http://www.spinics.net/lists/netdev/msg146468.html
Exploit, Mailing List, Third Party Advisory mailing-list
x_refsource_mlist
http://www.spinics.net/lists/netdev/msg145791.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/44661
Third Party Advisory vendor-advisory
x_refsource_mandriva
http://www.mandriva.com/security/advisories?name=MDVSA-2011:029
Mailing List, Third Party Advisory mailing-list
x_refsource_mlist
http://openwall.com/lists/oss-security/2010/11/03/3
Scores
EPSS
0.0049
EPSS Percentile
38.8%
Details
CWE
CWE-200
Status
published
Products (1)
linux/linux_kernel
< 2.6.36
Published
Dec 29, 2010
Tracked Since
Feb 18, 2026