CVE-2010-4529

Priority
Description
Integer underflow in the irda_getsockopt function in net/irda/af_irda.c in
the Linux kernel before 2.6.37 on platforms other than x86 allows local
users to obtain potentially sensitive information from kernel heap memory
via an IRLMP_ENUMDEVICES getsockopt call.
Ubuntu-Description
Dan Rosenberg discovered that IRDA did not correctly check the size of
buffers. On non-x86 systems, a local attacker could exploit this to read
kernel heap memory, leading to a loss of privacy.
Notes
Package
Upstream:released (2.6.37~rc8)
Package
Upstream:released (2.6.37~rc8)
Package
Upstream:released (2.6.37~rc8)
Package
Upstream:released (2.6.37~rc8)
Package
Upstream:released (2.6.37~rc8)
Package
Upstream:released (2.6.37~rc8)
Package
Upstream:released (2.6.37~rc8)
More Information

Updated: 2020-01-29 19:39:40 UTC (commit 768ceb2fdee6790d707d0f681e1b54916744af1e)