VYPR
Unrated severityNVD Advisory· Published Nov 29, 2010· Updated Jun 16, 2026

CVE-2010-4072

CVE-2010-4072

Description

The copy_shmid_to_user function in ipc/shm.c in the Linux kernel before 2.6.37-rc1 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory via vectors related to the shmctl system call and the "old shm interface."

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

16
  • cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*+ 3 more
    • cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*
    • cpe:2.3:o:canonical:ubuntu_linux:10.10:*:*:*:*:*:*:*
    • cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*
    • cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*
  • cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*
  • Linux/Kernel3 versions
    cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*range: <2.6.37
    • cpe:2.3:o:linux:linux_kernel:2.6.37:-:*:*:*:*:*:*
    • (no CPE)range: < 2.6.37-rc1
  • cpe:2.3:o:opensuse:opensuse:11.3:*:*:*:*:*:*:*
  • cpe:2.3:o:suse:linux_enterprise_desktop:10:sp3:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:suse:linux_enterprise_desktop:10:sp3:*:*:*:*:*:*
    • cpe:2.3:o:suse:linux_enterprise_desktop:11:sp1:*:*:*:*:*:*
  • cpe:2.3:o:suse:linux_enterprise_real_time_extension:11:sp1:*:*:*:*:*:*
  • cpe:2.3:o:suse:linux_enterprise_server:10:sp3:*:*:*:*:*:*+ 2 more
    • cpe:2.3:o:suse:linux_enterprise_server:10:sp3:*:*:*:*:*:*
    • cpe:2.3:o:suse:linux_enterprise_server:11:sp1:*:*:*:*:*:*
    • cpe:2.3:o:suse:linux_enterprise_server:9:*:*:*:*:*:*:*
  • cpe:2.3:o:suse:linux_enterprise_software_development_kit:10:sp3:*:*:*:*:*:*

Patches

Vulnerability mechanics

References

39

News mentions

0

No linked articles in our index yet.