CVE-2010-4656 (retired)

Priority
Description
The iowarrior_write function in drivers/usb/misc/iowarrior.c in the Linux
kernel before 2.6.37 does not properly allocate memory, which might allow
local users to trigger a heap-based buffer overflow, and consequently cause
a denial of service or gain privileges, via a long report.
Ubuntu-Description
Kees Cook discovered that the IOWarrior USB device driver did not correctly
check certain size fields. A local attacker with physical access could plug
in a specially crafted USB device to crash the system or potentially gain
root privileges.
Package
Upstream:released (2.6.37~rc1)
Package
Upstream:released (2.6.37~rc1)
Package
Upstream:released (2.6.37~rc1)
Package
Upstream:released (2.6.37~rc1)
Package
Upstream:released (2.6.37~rc1)
Package
Upstream:released (2.6.37~rc1)
Package
Upstream:released (2.6.37~rc1)
More Information

Updated: 2019-03-26 11:54:25 UTC (commit ccdecfcf0fead22bd291e5f4ea745a46872dcb15)