Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2010-4074

EPSS 0.07% · P23
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2010-4074

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
The USB subsystem in the Linux kernel before 2.6.36-rc5 does not properly initialize certain structure members, which allows local users to obtain potentially sensitive information from kernel stack memory via vectors related to TIOCGICOUNT ioctl calls, and the (1) mos7720_ioctl function in drivers/usb/serial/mos7720.c and (2) mos7840_ioctl function in drivers/usb/serial/mos7840.c.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Linux kernel USB子系统信息泄露漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Linux Kernel 是开放源码操作系统Linux所使用的内核。 Linux kernel 2.6.36-rc5之前版本中的USB子系统没有正确初始化某些结构体成员。本地用户可以借助和TIOCGICOUNT输入输出控制调用有关的向量,以及(1)drivers/usb/serial/mos7720.c文件中的mos7720_ioctl函数,(2)drivers/usb/serial/mos7840.c文件中的mos7840_ioctl函数,从内核栈内存中获取潜在敏感信息。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
-n/a n/a -

II. Public POCs for CVE-2010-4074

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2010-4074

登录查看更多情报信息。

Same Patch Batch · n/a · 2010-11-29 · 9 CVEs total

CVE-2010-4072Linux Kernel ipc/shm.c文件信息泄露漏洞
CVE-2010-4073Linux kernel ipc子系统信息泄露漏洞
CVE-2010-4075Linux kernel uart_get_count函数信息泄露漏洞
CVE-2010-4076Linux kernel rs_ioctl函数信息泄露漏洞
CVE-2010-4077Linux kernel ntty_ioctl_tiocgicount函数信息泄露漏洞
CVE-2010-4078Linux kernel sisfb_ioctl函数信息泄露漏洞
CVE-2010-4079Linux Kernel ivtvfb_ioctl函数信息泄露漏洞
CVE-2010-4249Linux Kernel wait_for_unix_gc函数资源管理错误漏洞

IV. Related Vulnerabilities

Same product: n/a
Same vendor: n/a

V. Comments for CVE-2010-4074

No comments yet

Leave a comment