CVE-2010-4163

Published: Jan 3, 2011Modified: Apr 29, 2026

4.7

Vector

AV:L/AC:M/Au:N/C:N/I:N/A:C

Exploitability: 3.4 / Impact: 6.9

Source: NVD

Description

The blk_rq_map_user_iov function in block/blk-map.c in the Linux kernel before 2.6.36.2 allows local users to cause a denial of service (panic) via a zero-length I/O request in a device ioctl to a SCSI device.

Affected (6)

Products: Linux: Linux Kernel · Opensuse: Opensuse · Suse: Linux Enterprise Desktop, Linux Enterprise Real Time Extension, Linux Enterprise Server

1 product

1 product

3 products

Linux Enterprise Desktop

Linux Enterprise Real Time Extension

Linux Enterprise Server

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Linux Linux Kernel	Before 2.6.36.2

Configuration B

5 vulnerable

Vulnerable Software	Affected Versions
Opensuse Opensuse	Version 11.2
Opensuse Opensuse	Version 11.3
Suse Linux Enterprise Desktop	Version 11 sp1
Suse Linux Enterprise Real Time Extension	Version 11 sp1
Suse Linux Enterprise Server	Version 11 sp1

Related CWEs

CWE-20

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (40)

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=9284bcf4e335e5f18a8bc7b26461c33ab60d0689

Source: secalert@redhat.com

http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00000.html

Source: secalert@redhat.com

Mailing ListThird Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00001.html

Source: secalert@redhat.com

Mailing ListThird Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00004.html

Source: secalert@redhat.com

Mailing ListThird Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html

Source: secalert@redhat.com

Mailing ListThird Party Advisory

http://openwall.com/lists/oss-security/2010/11/10/18

Source: secalert@redhat.com

Mailing ListThird Party Advisory

http://openwall.com/lists/oss-security/2010/11/12/2

Source: secalert@redhat.com

Mailing ListThird Party Advisory

http://openwall.com/lists/oss-security/2010/11/29/1

Source: secalert@redhat.com

Mailing ListThird Party Advisory

http://secunia.com/advisories/42778

Source: secalert@redhat.com

Third Party Advisory

http://secunia.com/advisories/42801

Source: secalert@redhat.com

Third Party Advisory

http://secunia.com/advisories/42890

Source: secalert@redhat.com

Third Party Advisory

http://secunia.com/advisories/42932

Source: secalert@redhat.com

Third Party Advisory

http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.36.2

Source: secalert@redhat.com

Broken Link

http://www.mandriva.com/security/advisories?name=MDVSA-2011:029

Source: secalert@redhat.com

Third Party Advisory

http://www.redhat.com/support/errata/RHSA-2011-0007.html

Source: secalert@redhat.com

Third Party Advisory

http://www.securityfocus.com/bid/44793

Source: secalert@redhat.com

Third Party AdvisoryVDB Entry

http://www.vupen.com/english/advisories/2011/0012

Source: secalert@redhat.com

Third Party Advisory

http://www.vupen.com/english/advisories/2011/0124

Source: secalert@redhat.com

Third Party Advisory

http://www.vupen.com/english/advisories/2011/0298

Source: secalert@redhat.com

Third Party Advisory

https://bugzilla.redhat.com/show_bug.cgi?id=652957

Source: secalert@redhat.com

Issue TrackingPatchThird Party Advisory

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=9284bcf4e335e5f18a8bc7b26461c33ab60d0689