CVE-2010-0003 — Vulnetix

Try Vulnetix Request Demo

CVE-2010-0003 PUBLISHED CVSS 5.400000095367432 MEDIUM

The print_fatal_signal function in kernel/signal.c in the Linux kernel before 2.6.32.4 on the i386 platform, when print-fatal-signals is enabled, allows local users to discover the contents of arbitrary memory locations by jumping to an address and then reading a log file, and might allow local users to cause a denial of service (system slowdown or crash) by jumping to an address.

EPSS 0.06% · 19.5th percentile

Risk Scores

CVSS v2.0

5.400000095367432

EPSS Score

0.06%

19.5th percentile

Affected Products

Vendor	Product	Versions
linux	linux_kernel	0
n/a	n/a	n/a
debian	debian_linux	4.0, 5.0

Timeline

Jan 12, 2010 CVE Published
Feb 4, 2022 EPSS Score
Mar 28, 2022 EPSS Score
May 19, 2022 EPSS Score
Jul 10, 2022 EPSS Score
Sep 1, 2022 EPSS Score
Oct 23, 2022 EPSS Score
Dec 14, 2022 EPSS Score
Feb 4, 2023 EPSS Score
Mar 7, 2023 EPSS Score
Mar 28, 2023 EPSS Score
May 19, 2023 EPSS Score

References

http://www.vmware.com/security/advisories/VMSA-2011-0003.html url
http://secunia.com/advisories/39033 advisory
http://secunia.com/advisories/43315 advisory
[oss-security] 20100112 CVE request - kernel: infoleak if print-fatal-signals=1 mailing-list
RHSA-2010:0146 vendor-advisory
RHSA-2010:0147 vendor-advisory
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.32.4 url
37724 vdb
38779 third-party-advisory
SUSE-SA:2010:012 vendor-advisory
http://patchwork.kernel.org/patch/69752/ url
SUSE-SA:2010:014 vendor-advisory
FEDORA-2010-0919 vendor-advisory
DSA-1996 vendor-advisory
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=b45c6e76bc2c72f6426c14bed64fdcbc9bf37cb0 url
38333 third-party-advisory
[oss-security] 20100113 Re: CVE request - kernel: infoleak if print-fatal-signals=1 mailing-list
https://bugzilla.redhat.com/show_bug.cgi?id=554578 url
oval:org.mitre.oval:def:10550 vdb
DSA-2005 vendor-advisory

…and 7 more

Open in Interactive Console →