CVE-2010-4077

Priority
Description
The ntty_ioctl_tiocgicount function in drivers/char/nozomi.c in the Linux
kernel 2.6.36.1 and earlier does not properly initialize a certain
structure member, which allows local users to obtain potentially sensitive
information from kernel stack memory via a TIOCGICOUNT ioctl call.
Ubuntu-Description
Dan Rosenberg discovered that multiple terminal ioctls did not correctly
initialize structure memory. A local attacker could exploit this to read
portions of kernel stack memory, leading to a loss of privacy.
Notes
Package
Upstream:released (2.6.37~rc1)
Package
Upstream:released (2.6.37~rc1)
Package
Upstream:released (2.6.37~rc1)
Package
Upstream:released (2.6.37~rc1)
Package
Upstream:released (2.6.37~rc1)
Package
Upstream:released (2.6.37~rc1)
Package
Upstream:released (2.6.37~rc1)
More Information

Updated: 2019-12-05 20:55:55 UTC (commit 0aa5e7c87c8b55d2ec5c7f4ca1179cf75de91961)