Vulnerability CVE-2010-3014
Published: 2010-08-20   Modified: 2012-02-13

Description:
The Coda filesystem kernel module, as used in NetBSD and FreeBSD, when Coda is loaded and Venus is running with /coda mounted, allows local users to read sensitive heap memory via a large out_size value in a ViceIoctl struct to a Coda ioctl, which triggers a buffer over-read.

See advisories in our WLB2 database:
Topic
Author
Date
Low
netbsd/freebsd Coda Filesystem Kernel Memory Disclosure
VSR Advisories
24.08.2010

Type:

CWE-200

 (Information Exposure)

CVSS2 => (AV:L/AC:H/Au:N/C:P/I:N/A:N)

CVSS Base Score
Impact Subscore
Exploitability Subscore
1.2/10
2.9/10
1.9/10
Exploit range
Attack complexity
Authentication
Local
High
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
None
None
Affected software
Netbsd -> Netbsd 
Freebsd -> Freebsd 

 References:
http://cvsweb.netbsd.org/bsdweb.cgi/src/sys/coda/coda.h.diff?r1=1.15&r2=1.16&only_with_tag=MAIN
http://svn.freebsd.org/viewvc/base?view=revision&revision=210997
http://www.securityfocus.com/archive/1/513151/100/0/threaded
http://www.vsecurity.com/resources/advisory/20100816-1/
Copyright 2024, cxsecurity.com

 

Back to Top