CVE-2010-0453 - Vulnerability Details

The ucode_ioctl function in intel/io/ucode_drv.c in Sun Solaris 10 and OpenSolaris snv_69 through snv_133, when running on x86 architectures, allows local users to cause a denial of service (panic) via a request with a 0 size value to the UCODE_GET_VERSION IOCTL, which triggers a NULL pointer dereference in the ucode_get_rev function, related to retrieval of the microcode revision.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Complete

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Sun	Opensolaris Solaris

Configuration 1 [-]

OR	cpe:2.3:o:sun:opensolaris:snv_69::x86:::::
	cpe:2.3:o:sun:opensolaris:snv_70::x86:::::
	cpe:2.3:o:sun:opensolaris:snv_71::x86:::::
	cpe:2.3:o:sun:opensolaris:snv_72::x86:::::
	cpe:2.3:o:sun:opensolaris:snv_73::x86:::::
	cpe:2.3:o:sun:opensolaris:snv_74::x86:::::
	cpe:2.3:o:sun:opensolaris:snv_75::x86:::::
	cpe:2.3:o:sun:opensolaris:snv_76::x86:::::
	cpe:2.3:o:sun:opensolaris:snv_77::x86:::::
	cpe:2.3:o:sun:opensolaris:snv_78::x86:::::
	cpe:2.3:o:sun:opensolaris:snv_79::x86:::::
	cpe:2.3:o:sun:opensolaris:snv_80::x86:::::
	cpe:2.3:o:sun:opensolaris:snv_81::x86:::::
	cpe:2.3:o:sun:opensolaris:snv_82::x86:::::
	cpe:2.3:o:sun:opensolaris:snv_83::x86:::::
	cpe:2.3:o:sun:opensolaris:snv_84::x86:::::
	cpe:2.3:o:sun:opensolaris:snv_85::x86:::::
	cpe:2.3:o:sun:opensolaris:snv_86::x86:::::
	cpe:2.3:o:sun:opensolaris:snv_87::x86:::::
	cpe:2.3:o:sun:opensolaris:snv_88::x86:::::
	cpe:2.3:o:sun:opensolaris:snv_89::x86:::::
	cpe:2.3:o:sun:opensolaris:snv_90::x86:::::
	cpe:2.3:o:sun:opensolaris:snv_91::x86:::::
	cpe:2.3:o:sun:opensolaris:snv_92::x86:::::
	cpe:2.3:o:sun:opensolaris:snv_93::x86:::::
	cpe:2.3:o:sun:opensolaris:snv_94::x86:::::
	cpe:2.3:o:sun:opensolaris:snv_95::x86:::::
	cpe:2.3:o:sun:opensolaris:snv_96::x86:::::
	cpe:2.3:o:sun:opensolaris:snv_97::x86:::::
	cpe:2.3:o:sun:opensolaris:snv_98::x86:::::
	cpe:2.3:o:sun:opensolaris:snv_99::x86:::::
	cpe:2.3:o:sun:opensolaris:snv_100::x86:::::
	cpe:2.3:o:sun:opensolaris:snv_101::x86:::::
	cpe:2.3:o:sun:opensolaris:snv_102::x86:::::
	cpe:2.3:o:sun:opensolaris:snv_103::x86:::::
	cpe:2.3:o:sun:opensolaris:snv_104::x86:::::
	cpe:2.3:o:sun:opensolaris:snv_105::x86:::::
	cpe:2.3:o:sun:opensolaris:snv_106::x86:::::
	cpe:2.3:o:sun:opensolaris:snv_107::x86:::::
	cpe:2.3:o:sun:opensolaris:snv_108::x86:::::
	cpe:2.3:o:sun:opensolaris:snv_109::x86:::::
	cpe:2.3:o:sun:opensolaris:snv_110::x86:::::
	cpe:2.3:o:sun:opensolaris:snv_111::x86:::::
	cpe:2.3:o:sun:opensolaris:snv_112::x86:::::
	cpe:2.3:o:sun:opensolaris:snv_113::x86:::::
	cpe:2.3:o:sun:opensolaris:snv_114::x86:::::
	cpe:2.3:o:sun:opensolaris:snv_115::x86:::::
	cpe:2.3:o:sun:opensolaris:snv_116::x86:::::
	cpe:2.3:o:sun:opensolaris:snv_117::x86:::::
	cpe:2.3:o:sun:opensolaris:snv_118::x86:::::
	cpe:2.3:o:sun:opensolaris:snv_119::x86:::::
	cpe:2.3:o:sun:opensolaris:snv_120::x86:::::
	cpe:2.3:o:sun:opensolaris:snv_121::x86:::::
	cpe:2.3:o:sun:opensolaris:snv_122::x86:::::
	cpe:2.3:o:sun:opensolaris:snv_123::x86:::::
	cpe:2.3:o:sun:opensolaris:snv_124::x86:::::
	cpe:2.3:o:sun:opensolaris:snv_125::x86:::::
	cpe:2.3:o:sun:opensolaris:snv_126::x86:::::
	cpe:2.3:o:sun:opensolaris:snv_127::x86:::::
	cpe:2.3:o:sun:opensolaris:snv_128::x86:::::
	cpe:2.3:o:sun:opensolaris:snv_129::x86:::::
	cpe:2.3:o:sun:opensolaris:snv_130::x86:::::
	cpe:2.3:o:sun:opensolaris:snv_131::x86:::::
	cpe:2.3:o:sun:opensolaris:snv_132::x86:::::
cpe:2.3:o:sun:opensolaris:snv_133::x86:::::
cpe:2.3:o:sun:solaris:10.0::x86:::::

No data.

References

Link	Providers
http://osvdb.org/62046
http://secunia.com/advisories/38452
http://sunsolve.sun.com/search/document.do?assetkey=1-21-143913-01-1
http://sunsolve.sun.com/search/document.do?assetkey=1-66-275910-1
http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021799.1-1
http://www.oracle.com/technetwork/topics/security/cpuapr2010-099504.html
http://www.securityfocus.com/archive/1/509276/100/0/threaded
http://www.securityfocus.com/bid/38016
http://www.trapkit.de/advisories/TKADV2010-001.txt
http://www.us-cert.gov/cas/techalerts/TA10-103B.html
http://www.vupen.com/english/advisories/2010/0270
https://exchange.xforce.ibmcloud.com/vulnerabilities/55991
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6959

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2010-02-03T18:00:00

Updated: 2024-08-07T00:52:19.457Z

Reserved: 2010-01-28T00:00:00

Link: CVE-2010-0453

Vulnrichment

No data.

NVD

Status : Modified

Published: 2010-02-03T18:30:00.843

Modified: 2024-11-21T01:12:14.913

Link: CVE-2010-0453

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2010-01-31T00:00:00", "descriptions": [{"lang": "en", "value": "The ucode_ioctl function in intel/io/ucode_drv.c in Sun Solaris 10 and OpenSolaris snv_69 through snv_133, when running on x86 architectures, allows local users to cause a denial of service (panic) via a request with a 0 size value to the UCODE_GET_VERSION IOCTL, which triggers a NULL pointer dereference in the ucode_get_rev function, related to retrieval of the microcode revision."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-10T18:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "TA10-103B", "tags": ["third-party-advisory", "x_refsource_CERT"], "url": "http://www.us-cert.gov/cas/techalerts/TA10-103B.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-143913-01-1"}, {"name": "solaris-microcode-dos(55991)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55991"}, {"name": "38452", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/38452"}, {"name": "1021799", "tags": ["vendor-advisory", "x_refsource_SUNALERT"], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021799.1-1"}, {"name": "oval:org.mitre.oval:def:6959", "tags": ["vdb-entry", "signature", "x_refsource_OVAL"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6959"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2010-099504.html"}, {"name": "20100131 [TKADV2010-001] Oracle Solaris UCODE_GET_VERSION IOCTL Kernel NULL Pointer Dereference", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/509276/100/0/threaded"}, {"name": "38016", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/38016"}, {"name": "275910", "tags": ["vendor-advisory", "x_refsource_SUNALERT"], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-275910-1"}, {"name": "62046", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/62046"}, {"tags": ["x_refsource_MISC"], "url": "http://www.trapkit.de/advisories/TKADV2010-001.txt"}, {"name": "ADV-2010-0270", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2010/0270"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2010-0453", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The ucode_ioctl function in intel/io/ucode_drv.c in Sun Solaris 10 and OpenSolaris snv_69 through snv_133, when running on x86 architectures, allows local users to cause a denial of service (panic) via a request with a 0 size value to the UCODE_GET_VERSION IOCTL, which triggers a NULL pointer dereference in the ucode_get_rev function, related to retrieval of the microcode revision."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "TA10-103B", "refsource": "CERT", "url": "http://www.us-cert.gov/cas/techalerts/TA10-103B.html"}, {"name": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-143913-01-1", "refsource": "CONFIRM", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-143913-01-1"}, {"name": "solaris-microcode-dos(55991)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55991"}, {"name": "38452", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/38452"}, {"name": "1021799", "refsource": "SUNALERT", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021799.1-1"}, {"name": "oval:org.mitre.oval:def:6959", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6959"}, {"name": "http://www.oracle.com/technetwork/topics/security/cpuapr2010-099504.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2010-099504.html"}, {"name": "20100131 [TKADV2010-001] Oracle Solaris UCODE_GET_VERSION IOCTL Kernel NULL Pointer Dereference", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/509276/100/0/threaded"}, {"name": "38016", "refsource": "BID", "url": "http://www.securityfocus.com/bid/38016"}, {"name": "275910", "refsource": "SUNALERT", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-275910-1"}, {"name": "62046", "refsource": "OSVDB", "url": "http://osvdb.org/62046"}, {"name": "http://www.trapkit.de/advisories/TKADV2010-001.txt", "refsource": "MISC", "url": "http://www.trapkit.de/advisories/TKADV2010-001.txt"}, {"name": "ADV-2010-0270", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2010/0270"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T00:52:19.457Z"}, "title": "CVE Program Container", "references": [{"name": "TA10-103B", "tags": ["third-party-advisory", "x_refsource_CERT", "x_transferred"], "url": "http://www.us-cert.gov/cas/techalerts/TA10-103B.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-143913-01-1"}, {"name": "solaris-microcode-dos(55991)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55991"}, {"name": "38452", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/38452"}, {"name": "1021799", "tags": ["vendor-advisory", "x_refsource_SUNALERT", "x_transferred"], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021799.1-1"}, {"name": "oval:org.mitre.oval:def:6959", "tags": ["vdb-entry", "signature", "x_refsource_OVAL", "x_transferred"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6959"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2010-099504.html"}, {"name": "20100131 [TKADV2010-001] Oracle Solaris UCODE_GET_VERSION IOCTL Kernel NULL Pointer Dereference", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/509276/100/0/threaded"}, {"name": "38016", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/38016"}, {"name": "275910", "tags": ["vendor-advisory", "x_refsource_SUNALERT", "x_transferred"], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-275910-1"}, {"name": "62046", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/62046"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.trapkit.de/advisories/TKADV2010-001.txt"}, {"name": "ADV-2010-0270", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2010/0270"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2010-0453", "datePublished": "2010-02-03T18:00:00", "dateReserved": "2010-01-28T00:00:00", "dateUpdated": "2024-08-07T00:52:19.457Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:sun:opensolaris:snv_69:*:x86:*:*:*:*:*", "matchCriteriaId": "13B81B14-84C8-468A-AE11-30C4CB85E6F5", "vulnerable": true}, {"criteria": "cpe:2.3:o:sun:opensolaris:snv_70:*:x86:*:*:*:*:*", "matchCriteriaId": "6395A3A9-97F2-4C88-B6D6-70DB2ACDC70D", "vulnerable": true}, {"criteria": "cpe:2.3:o:sun:opensolaris:snv_71:*:x86:*:*:*:*:*", "matchCriteriaId": "8CC54F69-E96A-482F-B43D-2E3A7EC90E47", "vulnerable": true}, {"criteria": "cpe:2.3:o:sun:opensolaris:snv_72:*:x86:*:*:*:*:*", "matchCriteriaId": "CDC656B7-529A-4963-955D-301A11CF5D09", "vulnerable": true}, {"criteria": "cpe:2.3:o:sun:opensolaris:snv_73:*:x86:*:*:*:*:*", "matchCriteriaId": "506769C9-D306-4EEC-BE2E-6E501CBE90BB", "vulnerable": true}, {"criteria": "cpe:2.3:o:sun:opensolaris:snv_74:*:x86:*:*:*:*:*", "matchCriteriaId": "37540C8F-FCC1-42DA-8EE3-D3E4FA5B315C", "vulnerable": true}, {"criteria": "cpe:2.3:o:sun:opensolaris:snv_75:*:x86:*:*:*:*:*", "matchCriteriaId": "7AD5054B-18D8-44AE-AA4F-A07D12A63E55", "vulnerable": true}, {"criteria": "cpe:2.3:o:sun:opensolaris:snv_76:*:x86:*:*:*:*:*", "matchCriteriaId": "4BAD68C2-4AA2-4346-B279-51206E0651FF", "vulnerable": true}, {"criteria": "cpe:2.3:o:sun:opensolaris:snv_77:*:x86:*:*:*:*:*", "matchCriteriaId": "96F3D4B3-7828-40EB-BD67-A3CD5B210787", "vulnerable": true}, {"criteria": "cpe:2.3:o:sun:opensolaris:snv_78:*:x86:*:*:*:*:*", "matchCriteriaId": "C166F9F7-E8AB-4BA1-AEB6-1E7964976801", "vulnerable": true}, {"criteria": "cpe:2.3:o:sun:opensolaris:snv_79:*:x86:*:*:*:*:*", "matchCriteriaId": "12B6730F-6CF1-4990-953F-1CC76D78B618", "vulnerable": true}, {"criteria": "cpe:2.3:o:sun:opensolaris:snv_80:*:x86:*:*:*:*:*", "matchCriteriaId": "03B96DE7-70BD-4CD8-9574-8C024E51E91C", "vulnerable": true}, {"criteria": "cpe:2.3:o:sun:opensolaris:snv_81:*:x86:*:*:*:*:*", "matchCriteriaId": "52D5BB76-FF5E-4BBA-A2D0-00EB574B9104", "vulnerable": true}, {"criteria": "cpe:2.3:o:sun:opensolaris:snv_82:*:x86:*:*:*:*:*", "matchCriteriaId": "C29B1192-D709-48FB-816C-B4F30460E957", "vulnerable": true}, {"criteria": "cpe:2.3:o:sun:opensolaris:snv_83:*:x86:*:*:*:*:*", "matchCriteriaId": "6DB1AC08-2564-4AAB-82AE-EB504FAA34FB", "vulnerable": true}, {"criteria": "cpe:2.3:o:sun:opensolaris:snv_84:*:x86:*:*:*:*:*", "matchCriteriaId": "46D8D5D1-8855-4116-99B3-EA1F78FDEF02", "vulnerable": true}, {"criteria": "cpe:2.3:o:sun:opensolaris:snv_85:*:x86:*:*:*:*:*", "matchCriteriaId": "999FFE1D-D7D4-476B-8A46-9D0179DB570B", "vulnerable": true}, {"criteria": "cpe:2.3:o:sun:opensolaris:snv_86:*:x86:*:*:*:*:*", "matchCriteriaId": "2B14945C-350A-4895-92C1-932208533F9F", "vulnerable": true}, {"criteria": "cpe:2.3:o:sun:opensolaris:snv_87:*:x86:*:*:*:*:*", "matchCriteriaId": "513D435B-D28B-4833-88E6-A1A8743177F3", "vulnerable": true}, {"criteria": "cpe:2.3:o:sun:opensolaris:snv_88:*:x86:*:*:*:*:*", "matchCriteriaId": "4126C6C9-90AB-470E-AF83-4ED1FDD90511", "vulnerable": true}, {"criteria": "cpe:2.3:o:sun:opensolaris:snv_89:*:x86:*:*:*:*:*", "matchCriteriaId": "3275E47F-5A4B-4843-A07C-82DEE852672C", "vulnerable": true}, {"criteria": "cpe:2.3:o:sun:opensolaris:snv_90:*:x86:*:*:*:*:*", "matchCriteriaId": "58017DDC-63B3-458C-9803-4683211A4C3C", "vulnerable": true}, {"criteria": "cpe:2.3:o:sun:opensolaris:snv_91:*:x86:*:*:*:*:*", "matchCriteriaId": "6692EE63-A76B-47C3-BC0D-7C15CA6FE013", "vulnerable": true}, {"criteria": "cpe:2.3:o:sun:opensolaris:snv_92:*:x86:*:*:*:*:*", "matchCriteriaId": "BA1E27E5-FE20-42FA-9A61-A7174E705EB3", "vulnerable": true}, {"criteria": "cpe:2.3:o:sun:opensolaris:snv_93:*:x86:*:*:*:*:*", "matchCriteriaId": "65A32803-580D-4D07-B39B-2159258CBA8B", "vulnerable": true}, {"criteria": "cpe:2.3:o:sun:opensolaris:snv_94:*:x86:*:*:*:*:*", "matchCriteriaId": "13B51612-3BD6-449F-AD63-D01F8D05B269", "vulnerable": true}, {"criteria": "cpe:2.3:o:sun:opensolaris:snv_95:*:x86:*:*:*:*:*", "matchCriteriaId": "4B2E7E54-2268-4C54-9363-C2D363D3A447", "vulnerable": true}, {"criteria": "cpe:2.3:o:sun:opensolaris:snv_96:*:x86:*:*:*:*:*", "matchCriteriaId": "F6000B0F-0E72-4E68-A5EE-35BA6FB59C57", "vulnerable": true}, {"criteria": "cpe:2.3:o:sun:opensolaris:snv_97:*:x86:*:*:*:*:*", "matchCriteriaId": "51AB0746-66E6-4FF5-9CB2-42E29A01C961", "vulnerable": true}, {"criteria": "cpe:2.3:o:sun:opensolaris:snv_98:*:x86:*:*:*:*:*", "matchCriteriaId": "D1A9DCF7-F469-4D77-966F-3721F377D80B", "vulnerable": true}, {"criteria": "cpe:2.3:o:sun:opensolaris:snv_99:*:x86:*:*:*:*:*", "matchCriteriaId": "3D028821-CA38-48C4-9324-222526AC8413", "vulnerable": true}, {"criteria": "cpe:2.3:o:sun:opensolaris:snv_100:*:x86:*:*:*:*:*", "matchCriteriaId": "1F2CB558-9390-4AAE-A66D-E3DA537E3115", "vulnerable": true}, {"criteria": "cpe:2.3:o:sun:opensolaris:snv_101:*:x86:*:*:*:*:*", "matchCriteriaId": "5ED4FAD0-E91F-438D-A3CB-BACFB7F7E975", "vulnerable": true}, {"criteria": "cpe:2.3:o:sun:opensolaris:snv_102:*:x86:*:*:*:*:*", "matchCriteriaId": "411B33D1-F55D-42C0-9046-040ABC42E31B", "vulnerable": true}, {"criteria": "cpe:2.3:o:sun:opensolaris:snv_103:*:x86:*:*:*:*:*", "matchCriteriaId": "0491828F-8BB7-4463-AEE7-BFA0C574B6A6", "vulnerable": true}, {"criteria": "cpe:2.3:o:sun:opensolaris:snv_104:*:x86:*:*:*:*:*", "matchCriteriaId": "CE4D5683-259F-449E-B1C7-2BD81CC4805F", "vulnerable": true}, {"criteria": "cpe:2.3:o:sun:opensolaris:snv_105:*:x86:*:*:*:*:*", "matchCriteriaId": "42B7F288-2D35-4988-97B0-C529485033C3", "vulnerable": true}, {"criteria": "cpe:2.3:o:sun:opensolaris:snv_106:*:x86:*:*:*:*:*", "matchCriteriaId": "F276AFE2-B501-4355-9716-9D1A75AD09CC", "vulnerable": true}, {"criteria": "cpe:2.3:o:sun:opensolaris:snv_107:*:x86:*:*:*:*:*", "matchCriteriaId": "8ADE7EBB-8014-459F-A189-9D902BEE1FD1", "vulnerable": true}, {"criteria": "cpe:2.3:o:sun:opensolaris:snv_108:*:x86:*:*:*:*:*", "matchCriteriaId": "FF3DEB74-D65C-427A-8907-6044238E8C03", "vulnerable": true}, {"criteria": "cpe:2.3:o:sun:opensolaris:snv_109:*:x86:*:*:*:*:*", "matchCriteriaId": "A7A2D975-A03A-494A-8CFE-2D8932906C14", "vulnerable": true}, {"criteria": "cpe:2.3:o:sun:opensolaris:snv_110:*:x86:*:*:*:*:*", "matchCriteriaId": "5B3DB52A-595F-4A50-98D5-DF308471B823", "vulnerable": true}, {"criteria": "cpe:2.3:o:sun:opensolaris:snv_111:*:x86:*:*:*:*:*", "matchCriteriaId": "B3BBCE23-9F15-45CD-859F-77ED540B51F3", "vulnerable": true}, {"criteria": "cpe:2.3:o:sun:opensolaris:snv_112:*:x86:*:*:*:*:*", "matchCriteriaId": "053A0DA6-483C-49BB-BC7A-E624DB2C269E", "vulnerable": true}, {"criteria": "cpe:2.3:o:sun:opensolaris:snv_113:*:x86:*:*:*:*:*", "matchCriteriaId": "447212A4-FACD-475E-A62B-60FE6504F63E", "vulnerable": true}, {"criteria": "cpe:2.3:o:sun:opensolaris:snv_114:*:x86:*:*:*:*:*", "matchCriteriaId": "AB694DC0-407A-4555-8B72-DAF3C169DCE5", "vulnerable": true}, {"criteria": "cpe:2.3:o:sun:opensolaris:snv_115:*:x86:*:*:*:*:*", "matchCriteriaId": "535FF689-13A2-40C6-8706-7782038FDBD3", "vulnerable": true}, {"criteria": "cpe:2.3:o:sun:opensolaris:snv_116:*:x86:*:*:*:*:*", "matchCriteriaId": "843246D3-C2DA-454D-916A-AC8905E5134E", "vulnerable": true}, {"criteria": "cpe:2.3:o:sun:opensolaris:snv_117:*:x86:*:*:*:*:*", "matchCriteriaId": "244B7FE4-C485-4993-9810-3433C83A120E", "vulnerable": true}, {"criteria": "cpe:2.3:o:sun:opensolaris:snv_118:*:x86:*:*:*:*:*", "matchCriteriaId": "BE586AB9-9D46-4BC2-8092-51482F297410", "vulnerable": true}, {"criteria": "cpe:2.3:o:sun:opensolaris:snv_119:*:x86:*:*:*:*:*", "matchCriteriaId": "3A5C836E-51A5-4B1C-AB03-A4DFDA440BD1", "vulnerable": true}, {"criteria": "cpe:2.3:o:sun:opensolaris:snv_120:*:x86:*:*:*:*:*", "matchCriteriaId": "A1D4C98B-0D01-461C-93C2-0AF9DA6519A1", "vulnerable": true}, {"criteria": "cpe:2.3:o:sun:opensolaris:snv_121:*:x86:*:*:*:*:*", "matchCriteriaId": "A0CE1A06-2588-47AA-81F8-E3655F915C33", "vulnerable": true}, {"criteria": "cpe:2.3:o:sun:opensolaris:snv_122:*:x86:*:*:*:*:*", "matchCriteriaId": "5972E930-76E2-40FD-8E7F-74E012D34E39", "vulnerable": true}, {"criteria": "cpe:2.3:o:sun:opensolaris:snv_123:*:x86:*:*:*:*:*", "matchCriteriaId": "A5991C3F-29F6-462F-A34E-2446E357A220", "vulnerable": true}, {"criteria": "cpe:2.3:o:sun:opensolaris:snv_124:*:x86:*:*:*:*:*", "matchCriteriaId": "9C93BA4F-D07C-494C-B320-F34B8DED05C0", "vulnerable": true}, {"criteria": "cpe:2.3:o:sun:opensolaris:snv_125:*:x86:*:*:*:*:*", "matchCriteriaId": "28AC2702-9612-427E-90FC-F513F2C4A8C5", "vulnerable": true}, {"criteria": "cpe:2.3:o:sun:opensolaris:snv_126:*:x86:*:*:*:*:*", "matchCriteriaId": "458C52F5-B585-4F1D-AFBC-D5F0D6FD53AE", "vulnerable": true}, {"criteria": "cpe:2.3:o:sun:opensolaris:snv_127:*:x86:*:*:*:*:*", "matchCriteriaId": "10888953-CE3A-43D5-B711-97B504E54898", "vulnerable": true}, {"criteria": "cpe:2.3:o:sun:opensolaris:snv_128:*:x86:*:*:*:*:*", "matchCriteriaId": "067070D2-CF64-4E25-BCB0-7E431EF9A691", "vulnerable": true}, {"criteria": "cpe:2.3:o:sun:opensolaris:snv_129:*:x86:*:*:*:*:*", "matchCriteriaId": "53C4ABBC-11B7-425F-8A8E-C8616FE947C2", "vulnerable": true}, {"criteria": "cpe:2.3:o:sun:opensolaris:snv_130:*:x86:*:*:*:*:*", "matchCriteriaId": "E5596FE1-CDFB-4225-A6BA-4B175E5C7B36", "vulnerable": true}, {"criteria": "cpe:2.3:o:sun:opensolaris:snv_131:*:x86:*:*:*:*:*", "matchCriteriaId": "219D6141-0DC5-4151-A622-8BBB8F645CB0", "vulnerable": true}, {"criteria": "cpe:2.3:o:sun:opensolaris:snv_132:*:x86:*:*:*:*:*", "matchCriteriaId": "B90FEC88-33C8-4609-B24A-A6D46A620429", "vulnerable": true}, {"criteria": "cpe:2.3:o:sun:opensolaris:snv_133:*:x86:*:*:*:*:*", "matchCriteriaId": "6F85B7A3-1F3F-432C-BF9E-029391F854DA", "vulnerable": true}, {"criteria": "cpe:2.3:o:sun:solaris:10.0:*:x86:*:*:*:*:*", "matchCriteriaId": "0C0C3793-E011-4915-8F86-CE622A2D37D1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The ucode_ioctl function in intel/io/ucode_drv.c in Sun Solaris 10 and OpenSolaris snv_69 through snv_133, when running on x86 architectures, allows local users to cause a denial of service (panic) via a request with a 0 size value to the UCODE_GET_VERSION IOCTL, which triggers a NULL pointer dereference in the ucode_get_rev function, related to retrieval of the microcode revision."}, {"lang": "es", "value": "La funci\u00f3n ucode_ioctl en intel/io/ucode_drv.c en Sun Solaris v10 y OpenSolaris desde snv_69 hasta snv_133, cuando es ejecutado sobre arquitecturas x86, permite a usuarios locales producir una denegaci\u00f3n de servicio (panic) a trav\u00e9s de una petici\u00f3n con un valor de tama\u00f1o 0 al IOCTL UCODE_GET_VERSION el cual inicia una desreferencia a un puntero nulo en la funci\u00f3n ucode_get_rev, relacionado con el arreglo en la revisi\u00f3n de microc\u00f3digo."}], "id": "CVE-2010-0453", "lastModified": "2024-11-21T01:12:14.913", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 4.9, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2010-02-03T18:30:00.843", "references": [{"source": "cve@mitre.org", "url": "http://osvdb.org/62046"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/38452"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-143913-01-1"}, {"source": "cve@mitre.org", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-275910-1"}, {"source": "cve@mitre.org", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021799.1-1"}, {"source": "cve@mitre.org", "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2010-099504.html"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/509276/100/0/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/38016"}, {"source": "cve@mitre.org", "url": "http://www.trapkit.de/advisories/TKADV2010-001.txt"}, {"source": "cve@mitre.org", "tags": ["US Government Resource"], "url": "http://www.us-cert.gov/cas/techalerts/TA10-103B.html"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2010/0270"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55991"}, {"source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6959"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://osvdb.org/62046"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/38452"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-143913-01-1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-275910-1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021799.1-1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2010-099504.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/509276/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/38016"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.trapkit.de/advisories/TKADV2010-001.txt"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["US Government Resource"], "url": "http://www.us-cert.gov/cas/techalerts/TA10-103B.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2010/0270"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55991"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6959"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}]}

Metrics

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Complete

Affected Vendors & Products

Metrics

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Complete

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object