Unrated severityNVD Advisory· Published Nov 29, 2010· Updated Apr 29, 2026
CVE-2010-4072
CVE-2010-4072
Description
The copy_shmid_to_user function in ipc/shm.c in the Linux kernel before 2.6.37-rc1 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory via vectors related to the shmctl system call and the "old shm interface."
Affected products
15cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*+ 3 more
- cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:10.10:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_desktop:10:sp3:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:suse:linux_enterprise_desktop:10:sp3:*:*:*:*:*:*
- cpe:2.3:o:suse:linux_enterprise_desktop:11:sp1:*:*:*:*:*:*
- cpe:2.3:o:suse:linux_enterprise_real_time_extension:11:sp1:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_server:10:sp3:*:*:*:*:*:*+ 2 more
- cpe:2.3:o:suse:linux_enterprise_server:10:sp3:*:*:*:*:*:*
- cpe:2.3:o:suse:linux_enterprise_server:11:sp1:*:*:*:*:*:*
- cpe:2.3:o:suse:linux_enterprise_server:9:*:*:*:*:*:*:*
- cpe:2.3:o:suse:linux_enterprise_software_development_kit:10:sp3:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
38- lkml.org/lkml/2010/10/6/454nvdPatchThird Party Advisory
- lists.opensuse.org/opensuse-security-announce/2010-12/msg00004.htmlnvdMailing ListThird Party Advisory
- lists.opensuse.org/opensuse-security-announce/2011-01/msg00000.htmlnvdMailing ListThird Party Advisory
- lists.opensuse.org/opensuse-security-announce/2011-01/msg00004.htmlnvdMailing ListThird Party Advisory
- lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.htmlnvdMailing ListThird Party Advisory
- lists.opensuse.org/opensuse-security-announce/2011-02/msg00002.htmlnvdMailing ListThird Party Advisory
- secunia.com/advisories/42758nvdThird Party Advisory
- secunia.com/advisories/42778nvdThird Party Advisory
- secunia.com/advisories/42884nvdThird Party Advisory
- secunia.com/advisories/42890nvdThird Party Advisory
- secunia.com/advisories/42932nvdThird Party Advisory
- secunia.com/advisories/42963nvdThird Party Advisory
- secunia.com/advisories/43161nvdThird Party Advisory
- secunia.com/advisories/43291nvdThird Party Advisory
- secunia.com/advisories/46397nvdThird Party Advisory
- www.debian.org/security/2010/dsa-2126nvdThird Party Advisory
- www.mandriva.com/security/advisoriesnvdThird Party Advisory
- www.mandriva.com/security/advisoriesnvdThird Party Advisory
- www.openwall.com/lists/oss-security/2010/10/07/1nvdMailing ListThird Party Advisory
- www.openwall.com/lists/oss-security/2010/10/25/3nvdMailing ListThird Party Advisory
- www.redhat.com/support/errata/RHSA-2010-0958.htmlnvdThird Party Advisory
- www.redhat.com/support/errata/RHSA-2011-0007.htmlnvdThird Party Advisory
- www.redhat.com/support/errata/RHSA-2011-0017.htmlnvdThird Party Advisory
- www.redhat.com/support/errata/RHSA-2011-0162.htmlnvdThird Party Advisory
- www.securityfocus.com/archive/1/520102/100/0/threadednvdThird Party AdvisoryVDB Entry
- www.securityfocus.com/bid/45054nvdThird Party AdvisoryVDB Entry
- www.ubuntu.com/usn/USN-1041-1nvdThird Party Advisory
- www.ubuntu.com/usn/USN-1057-1nvdThird Party Advisory
- www.vmware.com/security/advisories/VMSA-2011-0012.htmlnvdThird Party Advisory
- www.vupen.com/english/advisories/2011/0012nvdThird Party Advisory
- www.vupen.com/english/advisories/2011/0070nvdThird Party Advisory
- www.vupen.com/english/advisories/2011/0124nvdThird Party Advisory
- www.vupen.com/english/advisories/2011/0168nvdThird Party Advisory
- www.vupen.com/english/advisories/2011/0280nvdThird Party Advisory
- www.vupen.com/english/advisories/2011/0298nvdThird Party Advisory
- www.vupen.com/english/advisories/2011/0375nvdThird Party Advisory
- bugzilla.redhat.com/show_bug.cginvdIssue TrackingThird Party Advisory
- www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.37-rc1nvdBroken Link
News mentions
0No linked articles in our index yet.