CVE-2010-4656

Priority
Low
Description
The iowarrior_write function in drivers/usb/misc/iowarrior.c in the Linux
kernel before 2.6.37 does not properly allocate memory, which might allow
local users to trigger a heap-based buffer overflow, and consequently cause
a denial of service or gain privileges, via a long report.
Ubuntu-Description
Kees Cook discovered that the IOWarrior USB device driver did not correctly
check certain size fields. A local attacker with physical access could plug
in a specially crafted USB device to crash the system or potentially gain
root privileges.
References
Package
Upstream:released (2.6.37~rc1)
Package
Upstream:released (2.6.37~rc1)
Package
Upstream:released (2.6.37~rc1)
Package
Upstream:released (2.6.37~rc1)
Package
Upstream:released (2.6.37~rc1)
Package
Source: linux (LP Ubuntu Debian)
Upstream:released (2.6.37~rc1)
Patches:
Upstream:http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=3ed780117dbe5acb64280d218f0347f238dafed0
Package
Upstream:released (2.6.37~rc1)
Package
Upstream:released (2.6.37~rc1)
More Information

Updated: 2018-06-26 04:38:57 UTC (commit 7799c934cca373482531a7b00e4dfe82302ceae5)