CVE-2010-3080

HIGH

Description

Double free vulnerability in the snd_seq_oss_open function in sound/core/seq/oss/seq_oss_init.c in the Linux kernel before 2.6.36-rc4 might allow local users to cause a denial of service or possibly have unspecified other impact via an unsuccessful attempt to open the /dev/sequencer device.

References

http://git.kernel.org/?p=linux/kernel/git/tiwai/sound-2.6.git;a=commit;h=c598337660c21c0afaa9df5a65bb4a7a0cf15be8

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=27f7ad53829f79e799a253285318bff79ece15bd

http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00003.html

http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00000.html

http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html

http://secunia.com/advisories/42890

http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.36-rc4

http://www.mandriva.com/security/advisories?name=MDVSA-2010:198

http://www.openwall.com/lists/oss-security/2010/09/08/7

http://www.redhat.com/support/errata/RHSA-2011-0007.html

http://www.securityfocus.com/bid/43062

http://www.ubuntu.com/usn/USN-1000-1

http://www.vupen.com/english/advisories/2011/0298

https://bugzilla.redhat.com/show_bug.cgi?id=630551

Details

Source: MITRE

Published: 2010-09-21

Updated: 2020-08-14

Type: CWE-415

Risk Information

CVSS v2.0

Base Score: 7.2

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 3.9

Severity: HIGH

Vulnerable Software

Tenable Plugins

View all (17 total)

ID	Name	Product	Family	Severity
75550	openSUSE Security Update : kernel (openSUSE-SU-2010:0655-1)	Nessus	SuSE Local Security Checks	high
68177	Oracle Linux 6 : kernel (ELSA-2011-0007)	Nessus	Oracle Linux Local Security Checks	high
65101	Ubuntu 10.04 LTS : linux-lts-backport-maverick vulnerabilities (USN-1083-1)	Nessus	Ubuntu Local Security Checks	critical
65103	Ubuntu 10.04 LTS / 10.10 : linux-mvl-dove vulnerabilities (USN-1093-1)	Nessus	Ubuntu Local Security Checks	high
55077	USN-1119-1 : linux-ti-omap4 vulnerabilities	Nessus	Ubuntu Local Security Checks	high
53669	openSUSE Security Update : kernel (openSUSE-SU-2010:0895-2)	Nessus	SuSE Local Security Checks	high
51612	SuSE 11.1 Security Update : Linux kernel (SAT Patch Numbers 3276 / 3280 / 3284)	Nessus	SuSE Local Security Checks	high
51500	RHEL 6 : kernel (RHSA-2011:0007)	Nessus	Red Hat Local Security Checks	high
50925	SuSE 11 Security Update : Linux kernel (SAT Patch Numbers 3358 / 3361 / 3362)	Nessus	SuSE Local Security Checks	high
50044	Ubuntu 6.06 LTS / 8.04 LTS / 9.04 / 9.10 / 10.04 LTS / 10.10 : linux, linux-ec2, linux-source-2.6.15 vulnerabilities (USN-1000-1)	Nessus	Ubuntu Local Security Checks	critical
49795	Mandriva Linux Security Advisory : kernel (MDVSA-2010:198)	Nessus	Mandriva Local Security Checks	critical
49671	openSUSE Security Update : kernel (openSUSE-SU-2010:0664-1)	Nessus	SuSE Local Security Checks	critical
49666	Mandriva Linux Security Advisory : kernel (MDVSA-2010:188)	Nessus	Mandriva Local Security Checks	critical
49635	Fedora 14 : kernel-2.6.35.4-28.fc14 (2010-14832)	Nessus	Fedora Local Security Checks	high
49297	Fedora 13 : kernel-2.6.34.7-56.fc13 (2010-14890)	Nessus	Fedora Local Security Checks	high
49296	Fedora 12 : kernel-2.6.32.21-168.fc12 (2010-14878)	Nessus	Fedora Local Security Checks	high
49276	Debian DSA-2110-1 : linux-2.6 - privilege escalation/denial of service/information leak	Nessus	Debian Local Security Checks	high