CVE-2010-2538 — Vulnetix

Try Vulnetix Request Demo

CVE-2010-2538 PUBLISHED CVSS 5.5 MEDIUM

Integer overflow in the btrfs_ioctl_clone function in fs/btrfs/ioctl.c in the Linux kernel before 2.6.35 might allow local users to obtain sensitive information via a BTRFS_IOC_CLONE_RANGE ioctl call.

EPSS 0.08% · 22.6th percentile

Risk Scores

CVSS v3.1

5.5

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

EPSS Score

0.08%

22.6th percentile

Affected Products

Vendor	Product	Versions
linux	linux_kernel	0
n/a	n/a	n/a
canonical	ubuntu_linux	10.04, 10.10, 9.10
suse	linux_enterprise_high_availability_extension	11
suse	linux_enterprise_desktop	11
suse	linux_enterprise_server	11

Timeline

Sep 30, 2010 CVE Published
Feb 4, 2022 EPSS Score
Mar 28, 2022 EPSS Score
May 19, 2022 EPSS Score
Jul 10, 2022 EPSS Score
Sep 1, 2022 EPSS Score
Oct 23, 2022 EPSS Score
Dec 14, 2022 EPSS Score
Feb 4, 2023 EPSS Score
Mar 7, 2023 EPSS Score
Mar 28, 2023 EPSS Score
May 19, 2023 EPSS Score

References

41854 vdb
USN-1041-1 vendor-advisory
[oss-security] 20100721 Re: CVE request: kernel: btrfs mailing-list
SUSE-SA:2010:040 vendor-advisory
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.35 url
42758 third-party-advisory
https://bugzilla.redhat.com/show_bug.cgi?id=616998 url
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=2ebc3464781ad24474abcbd2274e6254689853b5 url
ADV-2011-0070 vdb
[oss-security] 20100721 CVE request: kernel: btrfs mailing-list
https://nvd.nist.gov/vuln/detail/CVE-2010-2538 advisory
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=2ebc3464781ad24474abcbd2274e6254689853b5 url

Open in Interactive Console →