CVE-2010-3437 vulnerability in Canonical and Other Products
Published on October 4, 2010

Integer signedness error in the pkt_find_dev_from_minor function in drivers/block/pktcdvd.c in the Linux kernel before 2.6.36-rc6 allows local users to obtain sensitive information from kernel memory or cause a denial of service (invalid pointer dereference and system crash) via a crafted index value in a PKT_CTRL_CMD_STATUS ioctl call.

Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory NVD

Products Associated with CVE-2010-3437

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2010-3437 are published in these products:

Canonical Ubuntu Linux

Debian Linux

Linux Kernel

OpenSuse

Suse Linux Enterprise Desktop

Suse Linux Enterprise Real Time Extension

Suse Linux Enterprise Server

Suse Linux Enterprise Software Development Kit

Exploit Probability

EPSS

1.83%

Percentile

82.54%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2010-3437 vulnerability in Canonical and Other ProductsPublished on October 4, 2010

Products Associated with CVE-2010-3437

Exploit Probability

CVE-2010-3437 vulnerability in Canonical and Other Products
Published on October 4, 2010