CVE-2010-0453: Input Validation
First published: Wed Feb 03 2010(Updated: )
The ucode_ioctl function in intel/io/ucode_drv.c in Sun Solaris 10 and OpenSolaris snv_69 through snv_133, when running on x86 architectures, allows local users to cause a denial of service (panic) via a request with a 0 size value to the UCODE_GET_VERSION IOCTL, which triggers a NULL pointer dereference in the ucode_get_rev function, related to retrieval of the microcode revision.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Oracle Solaris and Zettabyte File System (ZFS) | =snv_127 | |
| Oracle Solaris and Zettabyte File System (ZFS) | =snv_70 | |
| Oracle Solaris and Zettabyte File System (ZFS) | =snv_114 | |
| Oracle Solaris and Zettabyte File System (ZFS) | =snv_90 | |
| Oracle Solaris and Zettabyte File System (ZFS) | =snv_93 | |
| Oracle Solaris and Zettabyte File System (ZFS) | =snv_110 | |
| Oracle Solaris and Zettabyte File System (ZFS) | =snv_85 | |
| Oracle Solaris and Zettabyte File System (ZFS) | =snv_116 | |
| Oracle Solaris and Zettabyte File System (ZFS) | =snv_120 | |
| Oracle Solaris and Zettabyte File System (ZFS) | =snv_72 | |
| Oracle Solaris and Zettabyte File System (ZFS) | =snv_117 | |
| Oracle Solaris and Zettabyte File System (ZFS) | =snv_87 | |
| Oracle Solaris and Zettabyte File System (ZFS) | =snv_123 | |
| Oracle Solaris and Zettabyte File System (ZFS) | =snv_92 | |
| Oracle Solaris and Zettabyte File System (ZFS) | =snv_131 | |
| Oracle Solaris and Zettabyte File System (ZFS) | =snv_77 | |
| Oracle Solaris and Zettabyte File System (ZFS) | =snv_126 | |
| Oracle Solaris and Zettabyte File System (ZFS) | =snv_80 | |
| Oracle Solaris and Zettabyte File System (ZFS) | =snv_130 | |
| Oracle Solaris and Zettabyte File System (ZFS) | =snv_119 | |
| Oracle Solaris and Zettabyte File System (ZFS) | =snv_103 | |
| Oracle Solaris and Zettabyte File System (ZFS) | =snv_84 | |
| Oracle Solaris and Zettabyte File System (ZFS) | =snv_121 | |
| Oracle Solaris and Zettabyte File System (ZFS) | =snv_106 | |
| Oracle Solaris and Zettabyte File System (ZFS) | =snv_86 | |
| Oracle Solaris and Zettabyte File System (ZFS) | =snv_100 | |
| Oracle Solaris and Zettabyte File System (ZFS) | =snv_112 | |
| Oracle Solaris and Zettabyte File System (ZFS) | =snv_89 | |
| Oracle Solaris and Zettabyte File System (ZFS) | =snv_124 | |
| Oracle Solaris and Zettabyte File System (ZFS) | =snv_129 | |
| Oracle Solaris and Zettabyte File System (ZFS) | =snv_78 | |
| Oracle Solaris and Zettabyte File System (ZFS) | =snv_96 | |
| Oracle Solaris and Zettabyte File System (ZFS) | =snv_132 | |
| Oracle Solaris and Zettabyte File System (ZFS) | =snv_99 | |
| Oracle Solaris and Zettabyte File System (ZFS) | =snv_107 | |
| Oracle Solaris and Zettabyte File System (ZFS) | =snv_79 | |
| Oracle Solaris and Zettabyte File System (ZFS) | =snv_122 | |
| Oracle Solaris and Zettabyte File System (ZFS) | =snv_115 | |
| Oracle Solaris and Zettabyte File System (ZFS) | =snv_69 | |
| Oracle Solaris and Zettabyte File System (ZFS) | =snv_98 | |
| Oracle Solaris and Zettabyte File System (ZFS) | =snv_109 | |
| Oracle Solaris and Zettabyte File System (ZFS) | =snv_113 | |
| Oracle Solaris and Zettabyte File System (ZFS) | =snv_71 | |
| Oracle Solaris and Zettabyte File System (ZFS) | =snv_82 | |
| Oracle Solaris and Zettabyte File System (ZFS) | =snv_102 | |
| Oracle Solaris and Zettabyte File System (ZFS) | =snv_105 | |
| Oracle Solaris and Zettabyte File System (ZFS) | =snv_108 | |
| Oracle Solaris and Zettabyte File System (ZFS) | =snv_75 | |
| Oracle Solaris and Zettabyte File System (ZFS) | =snv_81 | |
| Oracle Solaris and Zettabyte File System (ZFS) | =snv_128 | |
| Oracle Solaris and Zettabyte File System (ZFS) | =snv_95 | |
| Oracle Solaris and Zettabyte File System (ZFS) | =snv_133 | |
| Oracle Solaris and Zettabyte File System (ZFS) | =snv_88 | |
| Oracle Solaris and Zettabyte File System (ZFS) | =snv_73 | |
| Oracle Solaris and Zettabyte File System (ZFS) | =snv_104 | |
| Oracle Solaris and Zettabyte File System (ZFS) | =snv_94 | |
| Oracle Solaris and Zettabyte File System (ZFS) | =snv_101 | |
| Oracle Solaris and Zettabyte File System (ZFS) | =snv_83 | |
| Oracle Solaris and Zettabyte File System (ZFS) | =snv_97 | |
| Oracle Solaris and Zettabyte File System (ZFS) | =snv_125 | |
| Oracle Solaris and Zettabyte File System (ZFS) | =snv_74 | |
| Oracle Solaris and Zettabyte File System (ZFS) | =snv_111 | |
| Oracle Solaris and Zettabyte File System (ZFS) | =snv_91 | |
| Oracle Solaris and Zettabyte File System (ZFS) | =snv_76 | |
| Oracle Solaris and Zettabyte File System (ZFS) | =snv_118 | |
| Oracle Solaris and Zettabyte File System (ZFS) | =10.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://osvdb.org/62046
- http://www.vupen.com/english/advisories/2010/0270
- http://www.securityfocus.com/bid/38016
- http://secunia.com/advisories/38452
- http://www.trapkit.de/advisories/TKADV2010-001.txt
- http://sunsolve.sun.com/search/document.do?assetkey=1-21-143913-01-1
- http://sunsolve.sun.com/search/document.do?assetkey=1-66-275910-1
- http://www.us-cert.gov/cas/techalerts/TA10-103B.html
- http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021799.1-1
- http://www.oracle.com/technetwork/topics/security/cpuapr2010-099504.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/55991
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6959
- http://www.securityfocus.com/archive/1/509276/100/0/threaded
Frequently Asked Questions
What is the severity of CVE-2010-0453?
The severity of CVE-2010-0453 is classified as medium due to its ability to cause a denial of service.
How do I fix CVE-2010-0453?
To fix CVE-2010-0453, you should update to a patched version of Sun Solaris or OpenSolaris that addresses this vulnerability.
Who is affected by CVE-2010-0453?
CVE-2010-0453 affects local users on Sun Solaris 10 and OpenSolaris snv_69 through snv_133, specifically on x86 architectures.
What impact does CVE-2010-0453 have on systems?
CVE-2010-0453 can trigger a system panic, resulting in a denial of service for affected systems.
Is there a workaround for CVE-2010-0453?
There is no widely known workaround for CVE-2010-0453; updating the software is the recommended approach.
- agent/weakness
- agent/type
- agent/remedy
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/references
- agent/author
- agent/severity
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/tags
- agent/softwarecombine
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/sun
- canonical/oracle solaris and zettabyte file system (zfs)
- version/oracle solaris and zettabyte file system (zfs)/snv_127
- version/oracle solaris and zettabyte file system (zfs)/snv_70
- version/oracle solaris and zettabyte file system (zfs)/snv_114
- version/oracle solaris and zettabyte file system (zfs)/snv_90
- version/oracle solaris and zettabyte file system (zfs)/snv_93
- version/oracle solaris and zettabyte file system (zfs)/snv_110
- version/oracle solaris and zettabyte file system (zfs)/snv_85
- version/oracle solaris and zettabyte file system (zfs)/snv_116
- version/oracle solaris and zettabyte file system (zfs)/snv_120
- version/oracle solaris and zettabyte file system (zfs)/snv_72
- version/oracle solaris and zettabyte file system (zfs)/snv_117
- version/oracle solaris and zettabyte file system (zfs)/snv_87
- version/oracle solaris and zettabyte file system (zfs)/snv_123
- version/oracle solaris and zettabyte file system (zfs)/snv_92
- version/oracle solaris and zettabyte file system (zfs)/snv_131
- version/oracle solaris and zettabyte file system (zfs)/snv_77
- version/oracle solaris and zettabyte file system (zfs)/snv_126
- version/oracle solaris and zettabyte file system (zfs)/snv_80
- version/oracle solaris and zettabyte file system (zfs)/snv_130
- version/oracle solaris and zettabyte file system (zfs)/snv_119
- version/oracle solaris and zettabyte file system (zfs)/snv_103
- version/oracle solaris and zettabyte file system (zfs)/snv_84
- version/oracle solaris and zettabyte file system (zfs)/snv_121
- version/oracle solaris and zettabyte file system (zfs)/snv_106
- version/oracle solaris and zettabyte file system (zfs)/snv_86
- version/oracle solaris and zettabyte file system (zfs)/snv_100
- version/oracle solaris and zettabyte file system (zfs)/snv_112
- version/oracle solaris and zettabyte file system (zfs)/snv_89
- version/oracle solaris and zettabyte file system (zfs)/snv_124
- version/oracle solaris and zettabyte file system (zfs)/snv_129
- version/oracle solaris and zettabyte file system (zfs)/snv_78
- version/oracle solaris and zettabyte file system (zfs)/snv_96
- version/oracle solaris and zettabyte file system (zfs)/snv_132
- version/oracle solaris and zettabyte file system (zfs)/snv_99
- version/oracle solaris and zettabyte file system (zfs)/snv_107
- version/oracle solaris and zettabyte file system (zfs)/snv_79
- version/oracle solaris and zettabyte file system (zfs)/snv_122
- version/oracle solaris and zettabyte file system (zfs)/snv_115
- version/oracle solaris and zettabyte file system (zfs)/snv_69
- version/oracle solaris and zettabyte file system (zfs)/snv_98
- version/oracle solaris and zettabyte file system (zfs)/snv_109
- version/oracle solaris and zettabyte file system (zfs)/snv_113
- version/oracle solaris and zettabyte file system (zfs)/snv_71
- version/oracle solaris and zettabyte file system (zfs)/snv_82
- version/oracle solaris and zettabyte file system (zfs)/snv_102
- version/oracle solaris and zettabyte file system (zfs)/snv_105
- version/oracle solaris and zettabyte file system (zfs)/snv_108
- version/oracle solaris and zettabyte file system (zfs)/snv_75
- version/oracle solaris and zettabyte file system (zfs)/snv_81
- version/oracle solaris and zettabyte file system (zfs)/snv_128
- version/oracle solaris and zettabyte file system (zfs)/snv_95
- version/oracle solaris and zettabyte file system (zfs)/snv_133
- version/oracle solaris and zettabyte file system (zfs)/snv_88
- version/oracle solaris and zettabyte file system (zfs)/snv_73
- version/oracle solaris and zettabyte file system (zfs)/snv_104
- version/oracle solaris and zettabyte file system (zfs)/snv_94
- version/oracle solaris and zettabyte file system (zfs)/snv_101
- version/oracle solaris and zettabyte file system (zfs)/snv_83
- version/oracle solaris and zettabyte file system (zfs)/snv_97
- version/oracle solaris and zettabyte file system (zfs)/snv_125
- version/oracle solaris and zettabyte file system (zfs)/snv_74
- version/oracle solaris and zettabyte file system (zfs)/snv_111
- version/oracle solaris and zettabyte file system (zfs)/snv_91
- version/oracle solaris and zettabyte file system (zfs)/snv_76
- version/oracle solaris and zettabyte file system (zfs)/snv_118
- version/oracle solaris and zettabyte file system (zfs)/10.0