ID:10028 - Exploit for Information exposure in Linux kernel - CVE-2010-4077

CSH
CYBERSECURITY HELP
Sign In REGISTER
 
Main Vulnerability Database Exploits ID:10028 - Exploit for Information exposure in Linux kernel - CVE-2010-4077

ID:10028 - Exploit for Information exposure in Linux kernel - CVE-2010-4077

Published: June 20, 2024


Vulnerability identifier: #VU92585
Vulnerability risk: Low
CVE-ID: CVE-2010-4077
CWE-ID: CWE-200
Exploitation vector: Local access
Vulnerable software:
Linux kernel

Link to public exploit:


Vulnerability description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to information exposure error within the serial_tiocmset() function in drivers/usb/serial/usb-serial.c, within the uart_wait_modem_status(), uart_get_count() and uart_ioctl() functions in drivers/serial/serial_core.c, within the tty_tiocmset() and tty_ioctl() functions in drivers/char/tty_io.c. A local user can gain access to sensitive information.


Remediation

Install update from vendor's repository.