Vulnerability CVE-2010-1085
Published: 2010-04-06   Modified: 2012-02-13

Description:
The azx_position_ok function in hda_intel.c in Linux kernel 2.6.33-rc4 and earlier, when running on the AMD780V chip set, allows context-dependent attackers to cause a denial of service (crash) via unknown manipulations that trigger a divide-by-zero error.

See advisories in our WLB2 database:
Topic
Author
Date
High
linux kernel 2.6.33 ALSA hda-intel Avoid divide by zero crash
Eugene Teo
10.04.2010

Type:

CWE-189

 (Numeric Errors)

CVSS2 => (AV:N/AC:M/Au:N/C:N/I:N/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.1/10
6.9/10
8.6/10
Exploit range
Attack complexity
Authentication
Remote
Medium
No required
Confidentiality impact
Integrity impact
Availability impact
None
None
Complete
Affected software
Linux -> Kernel 
Linux -> Linux kernel 

 References:
http://lkml.org/lkml/2010/2/5/322
http://nctritech.net/bugreport.txt
http://support.avaya.com/css/P8/documents/100088287
http://support.avaya.com/css/P8/documents/100090459
http://www.openwall.com/lists/oss-security/2010/02/22/2
http://www.redhat.com/support/errata/RHSA-2010-0394.html
http://www.redhat.com/support/errata/RHSA-2010-0398.html
http://www.securityfocus.com/archive/1/516397/100/0/threaded
http://www.securityfocus.com/bid/38348
http://www.vmware.com/security/advisories/VMSA-2011-0003.html
https://bugzilla.redhat.com/show_bug.cgi?id=567168
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10027
Copyright 2024, cxsecurity.com

 

Back to Top