CVE-2010-1083 in Kernelinfo

Summary

The processcompl_compat function in drivers/usb/core/devio.c in Linux kernel 2.6.x through 2.6.32, and possibly other versions, does not clear the transfer buffer before returning to userspace when a USB command fails, which might make it easier for physically proximate attackers to obtain sensitive information (kernel memory).

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Reservation

03/23/2010

Disclosure

04/06/2010

Status

Confirmed

Entries

VulDB provides additional information and datapoints for this CVE:

ID	Vulnerability	CWE	Exp	Cou	CVE
52615	Linux Kernel processcompl_compat resource management	399	Not defined	Not defined	CVE-2010-1083

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

Sources

MITRE
NVD
CVE Details

◂ PreviousOverviewNext ▸

Want to know what is going to be exploited?

We predict KEV entries!