VDB

CVE-2010-3297

CVE-2010-3297 PUBLISHED CVSS 6.900000095367432 MEDIUM

The eql_g_master_cfg function in drivers/net/eql.c in the Linux kernel before 2.6.36-rc5 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via an EQL_GETMASTRCFG ioctl call.

EPSS 0.10% · 27.5th percentile

Risk Scores

CVSS v4.0
6.900000095367432
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
EPSS Score
0.10%
27.5th percentile

Affected Products

VendorProductVersions
debiandebian_linux5.0
opensuseopensuse11.1
canonicalubuntu_linux6.06, 9.10, 10.04
suselinux_enterprise_desktop11, 11
suselinux_enterprise_real_time_extension11
n/an/an/a
suselinux_enterprise_server11, 11
linuxlinux_kernel2.6.36, 2.6.36, 2.6.36

Timeline

  • Sep 30, 2010 CVE Published
  • Feb 4, 2022 EPSS Score
  • Mar 29, 2022 EPSS Score
  • May 20, 2022 EPSS Score
  • Jul 12, 2022 EPSS Score
  • Sep 3, 2022 EPSS Score
  • Oct 26, 2022 EPSS Score
  • Dec 17, 2022 EPSS Score
  • Feb 8, 2023 EPSS Score
  • Mar 7, 2023 EPSS Score
  • Apr 1, 2023 EPSS Score
  • May 24, 2023 EPSS Score

References

…and 3 more

Open in Interactive Console →
$ Console Community · 100/wk Open console ›