CVE-2010-3437

CVE-2010-3437 · MEDIUM Severity

AV:L/AC:L/AU:N/C:C/I:N/A:C

Integer signedness error in the pkt_find_dev_from_minor function in drivers/block/pktcdvd.c in the Linux kernel before 2.6.36-rc6 allows local users to obtain sensitive information from kernel memory or cause a denial of service (invalid pointer dereference and system crash) via a crafted index value in a PKT_CTRL_CMD_STATUS ioctl call.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.