CVE-2010-3080

Published: Sep 21, 2010Modified: Apr 29, 2026

7.2

Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Exploitability: 3.9 / Impact: 10.0

Source: NVD

Description

Double free vulnerability in the snd_seq_oss_open function in sound/core/seq/oss/seq_oss_init.c in the Linux kernel before 2.6.36-rc4 might allow local users to cause a denial of service or possibly have unspecified other impact via an unsuccessful attempt to open the /dev/sequencer device.

Affected (15)

Products: Linux: Linux Kernel · Opensuse: Opensuse · Suse: Linux Enterprise Desktop, Linux Enterprise Real Time Extension, Linux Enterprise Server · +1 more

Show all products

Linux: Linux Kernel · Opensuse: Opensuse · Suse: Linux Enterprise Desktop, Linux Enterprise Real Time Extension, Linux Enterprise Server · Canonical: Ubuntu Linux

1 product

1 product

3 products

Linux Enterprise Desktop

Linux Enterprise Real Time Extension

Linux Enterprise Server

1 product

Configuration A

5 vulnerable

Vulnerable Software	Affected Versions
Linux Linux Kernel	Before 2.6.36
Linux Linux Kernel	Version 2.6.36
Linux Linux Kernel	Version 2.6.36 rc1
Linux Linux Kernel	Version 2.6.36 rc2
Linux Linux Kernel	Version 2.6.36 rc3

Configuration B

4 vulnerable

Vulnerable Software	Affected Versions
Opensuse Opensuse	Version 11.1
Suse Linux Enterprise Desktop	Version 11 sp1
Suse Linux Enterprise Real Time Extension	Version 11 sp1
Suse Linux Enterprise Server	Version 11 sp1

Configuration C

6 vulnerable

Vulnerable Software	Affected Versions
Canonical Ubuntu Linux	Version 10.04
Canonical Ubuntu Linux	Version 10.10
Canonical Ubuntu Linux	Version 6.06
Canonical Ubuntu Linux	Version 8.04
Canonical Ubuntu Linux	Version 9.04
Canonical Ubuntu Linux	Version 9.10

Related CWEs

The product calls free() twice on the same memory address, potentially leading to modification of unexpected memory locations.

References (28)

http://git.kernel.org/?p=linux/kernel/git/tiwai/sound-2.6.git%3Ba=commit%3Bh=c598337660c21c0afaa9df5a65bb4a7a0cf15be8

Source: secalert@redhat.com

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=27f7ad53829f79e799a253285318bff79ece15bd

Source: secalert@redhat.com

http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00003.html

Source: secalert@redhat.com

Mailing ListThird Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00000.html

Source: secalert@redhat.com

Mailing ListThird Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html

Source: secalert@redhat.com

Mailing ListThird Party Advisory

http://secunia.com/advisories/42890

Source: secalert@redhat.com

Third Party Advisory

http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.36-rc4

Source: secalert@redhat.com

Broken Link

http://www.mandriva.com/security/advisories?name=MDVSA-2010:198

Source: secalert@redhat.com

Third Party Advisory

http://www.openwall.com/lists/oss-security/2010/09/08/7

Source: secalert@redhat.com

Mailing ListThird Party Advisory

http://www.redhat.com/support/errata/RHSA-2011-0007.html

Source: secalert@redhat.com

Third Party Advisory

http://www.securityfocus.com/bid/43062

Source: secalert@redhat.com

Third Party AdvisoryVDB Entry

http://www.ubuntu.com/usn/USN-1000-1

Source: secalert@redhat.com

Third Party Advisory

http://www.vupen.com/english/advisories/2011/0298

Source: secalert@redhat.com

Third Party Advisory

https://bugzilla.redhat.com/show_bug.cgi?id=630551

Source: secalert@redhat.com

Issue TrackingThird Party Advisory

http://git.kernel.org/?p=linux/kernel/git/tiwai/sound-2.6.git%3Ba=commit%3Bh=c598337660c21c0afaa9df5a65bb4a7a0cf15be8

Source: af854a3a-2127-422b-91ae-364da2661108

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=27f7ad53829f79e799a253285318bff79ece15bd

Source: af854a3a-2127-422b-91ae-364da2661108

http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00003.html

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00000.html

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

http://secunia.com/advisories/42890

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.36-rc4

Source: af854a3a-2127-422b-91ae-364da2661108

Broken Link

http://www.mandriva.com/security/advisories?name=MDVSA-2010:198

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

http://www.openwall.com/lists/oss-security/2010/09/08/7

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

http://www.redhat.com/support/errata/RHSA-2011-0007.html

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

http://www.securityfocus.com/bid/43062

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

http://www.ubuntu.com/usn/USN-1000-1

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

http://www.vupen.com/english/advisories/2011/0298

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://bugzilla.redhat.com/show_bug.cgi?id=630551

Source: af854a3a-2127-422b-91ae-364da2661108

Issue TrackingThird Party Advisory

Timeline

No history available yet.