CVE-2010-5331 - OpenCVE

In the Linux kernel before 2.6.34, a range check issue in drivers/gpu/drm/radeon/atombios.c could cause an off by one (buffer overflow) problem. NOTE: At least one Linux maintainer believes that this CVE is incorrectly assigned and should be rejected because the value is hard coded and are not user-controllable where it is used

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:L/AC:L/Au:N/C:P/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Linux	Linux Kernel

Configuration 1 [-]

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

References

Link	Resource
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-5331	Issue Tracking Patch Third Party Advisory
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0031c41be5c529f8329e327b63cde92ba1284842	Patch
https://github.com/torvalds/linux/commit/0031c41be5c529f8329e327b63cde92ba1284842	Patch
https://mirrors.edge.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.34	Broken Link
https://support.f5.com/csp/article/K33183814?utm_source=f5support&amp%3Butm_medium=RSS

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2019-07-27T21:38:21

Updated: 2020-02-20T16:17:41

Reserved: 2019-07-27T00:00:00

Link: CVE-2010-5331

JSON object: View

NVD Information

Status : Modified

Published: 2019-07-27T22:15:11.090

Modified: 2024-05-17T00:48:35.650

Link: CVE-2010-5331

JSON object: View

Redhat Information

No data.

CWE

CWE-193

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "In the Linux kernel before 2.6.34, a range check issue in drivers/gpu/drm/radeon/atombios.c could cause an off by one (buffer overflow) problem. NOTE: At least one Linux maintainer believes that this CVE is incorrectly assigned and should be rejected because the value is hard coded and are not user-controllable where it is used"}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-02-20T16:17:41", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://github.com/torvalds/linux/commit/0031c41be5c529f8329e327b63cde92ba1284842"}, {"tags": ["x_refsource_MISC"], "url": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0031c41be5c529f8329e327b63cde92ba1284842"}, {"tags": ["x_refsource_MISC"], "url": "https://mirrors.edge.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.34"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://support.f5.com/csp/article/K33183814?utm_source=f5support&amp%3Butm_medium=RSS"}, {"tags": ["x_refsource_MISC"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-5331"}], "tags": ["disputed"], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2010-5331", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "** DISPUTED ** In the Linux kernel before 2.6.34, a range check issue in drivers/gpu/drm/radeon/atombios.c could cause an off by one (buffer overflow) problem. NOTE: At least one Linux maintainer believes that this CVE is incorrectly assigned and should be rejected because the value is hard coded and are not user-controllable where it is used."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://github.com/torvalds/linux/commit/0031c41be5c529f8329e327b63cde92ba1284842", "refsource": "MISC", "url": "https://github.com/torvalds/linux/commit/0031c41be5c529f8329e327b63cde92ba1284842"}, {"name": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0031c41be5c529f8329e327b63cde92ba1284842", "refsource": "MISC", "url": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0031c41be5c529f8329e327b63cde92ba1284842"}, {"name": "https://mirrors.edge.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.34", "refsource": "MISC", "url": "https://mirrors.edge.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.34"}, {"name": "https://support.f5.com/csp/article/K33183814?utm_source=f5support&utm_medium=RSS", "refsource": "CONFIRM", "url": "https://support.f5.com/csp/article/K33183814?utm_source=f5support&utm_medium=RSS"}, {"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-5331", "refsource": "MISC", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-5331"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2010-5331", "datePublished": "2019-07-27T21:38:21", "dateReserved": "2019-07-27T00:00:00", "dateUpdated": "2020-02-20T16:17:41", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "6BA10979-D59C-4A33-ACC8-A110A5ACFF74", "versionEndExcluding": "2.6.34", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "In the Linux kernel before 2.6.34, a range check issue in drivers/gpu/drm/radeon/atombios.c could cause an off by one (buffer overflow) problem. NOTE: At least one Linux maintainer believes that this CVE is incorrectly assigned and should be rejected because the value is hard coded and are not user-controllable where it is used"}, {"lang": "es", "value": "** EN DISPUTA ** En el kernel de Linux anterior a la versi\u00f3n 2.6.34, un problema de verificaci\u00f3n de rango en drivers / gpu / drm / radeon / atombios.c podr\u00eda causar un problema de apagado por uno (desbordamiento del b\u00fafer). NOTA: Al menos un mantenedor de Linux cree que este CVE est\u00e1 asignado incorrectamente y debe rechazarse porque el valor est\u00e1 codificado y no es controlable por el usuario donde se usa."}], "id": "CVE-2010-5331", "lastModified": "2024-05-17T00:48:35.650", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.6, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2019-07-27T22:15:11.090", "references": [{"source": "cve@mitre.org", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-5331"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0031c41be5c529f8329e327b63cde92ba1284842"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "https://github.com/torvalds/linux/commit/0031c41be5c529f8329e327b63cde92ba1284842"}, {"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "https://mirrors.edge.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.34"}, {"source": "cve@mitre.org", "url": "https://support.f5.com/csp/article/K33183814?utm_source=f5support&amp%3Butm_medium=RSS"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-193"}], "source": "nvd@nist.gov", "type": "Primary"}]}