CVE-2010-2803

LOW

Description

The drm_ioctl function in drivers/gpu/drm/drm_drv.c in the Direct Rendering Manager (DRM) subsystem in the Linux kernel before 2.6.27.53, 2.6.32.x before 2.6.32.21, 2.6.34.x before 2.6.34.6, and 2.6.35.x before 2.6.35.4 allows local users to obtain potentially sensitive information from kernel memory by requesting a large memory-allocation amount.

References

http://git.kernel.org/?p=linux/kernel/git/airlied/drm-2.6.git;a=commit;h=1b2f1489633888d4a06028315dc19d65768a1c05

http://git.kernel.org/?p=linux/kernel/git/airlied/drm-2.6.git;a=commit;h=b9f0aee83335db1f3915f4e42a5e21b351740afd

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=b9f0aee83335db1f3915f4e42a5e21b351740afd

http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00004.html

http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00005.html

http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00000.html

http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html

http://secunia.com/advisories/41512

http://www.debian.org/security/2010/dsa-2094

http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.53

http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.32.21

http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.34.6

http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.35.4

http://www.mandriva.com/security/advisories?name=MDVSA-2010:198

http://www.redhat.com/support/errata/RHSA-2010-0842.html

http://www.vupen.com/english/advisories/2010/2430

http://www.vupen.com/english/advisories/2011/0298

https://bugzilla.redhat.com/show_bug.cgi?id=621435

Details

Source: MITRE

Published: 2010-09-08

Updated: 2020-08-26

Type: CWE-200

Risk Information

CVSS v2.0

Base Score: 1.9

Vector: AV:L/AC:M/Au:N/C:P/I:N/A:N

Impact Score: 2.9

Exploitability Score: 3.4

Severity: LOW

Vulnerable Software

Tenable Plugins

View all (12 total)

ID	Name	Product	Family	Severity
75549	openSUSE Security Update : kernel (openSUSE-SU-2010:0634-1)	Nessus	SuSE Local Security Checks	high
60893	Scientific Linux Security Update : kernel on SL6.x i386/x86_64	Nessus	Scientific Linux Local Security Checks	high
53669	openSUSE Security Update : kernel (openSUSE-SU-2010:0895-2)	Nessus	SuSE Local Security Checks	high
51610	SuSE 11.1 Security Update : Linux kernel (SAT Patch Numbers 3068 / 3069 / 3070)	Nessus	SuSE Local Security Checks	critical
50925	SuSE 11 Security Update : Linux kernel (SAT Patch Numbers 3358 / 3361 / 3362)	Nessus	SuSE Local Security Checks	high
50629	RHEL 6 : kernel (RHSA-2010:0842)	Nessus	Red Hat Local Security Checks	high
49795	Mandriva Linux Security Advisory : kernel (MDVSA-2010:198)	Nessus	Mandriva Local Security Checks	critical
49671	openSUSE Security Update : kernel (openSUSE-SU-2010:0664-1)	Nessus	SuSE Local Security Checks	critical
49666	Mandriva Linux Security Advisory : kernel (MDVSA-2010:188)	Nessus	Mandriva Local Security Checks	critical
48904	Ubuntu 8.04 LTS : linux regression (USN-974-2)	Nessus	Ubuntu Local Security Checks	high
48387	Debian DSA-2094-1 : linux-2.6 - privilege escalation/denial of service/information leak	Nessus	Debian Local Security Checks	critical
48381	Ubuntu 6.06 LTS / 8.04 LTS / 9.04 / 9.10 / 10.04 LTS : linux, linux-{ec2,fsl-imx51,mvl-dove,source-2.6.15,ti-omap} vulnerabilities (USN-974-1)	Nessus	Ubuntu Local Security Checks	high