New Search

Solaris and OpenSolaris Products /dev/ucode Component Vulnerability

oval:org.mitre.oval:def:6959

The ucode_ioctl function in intel/io/ucode_drv.c in Sun Solaris 10 and OpenSolaris snv_69 through snv_133 when running on x86 architectures allows local users to cause a denial of service (panic) via a request with a 0 size value to the UCODE_GET_VERSION IOCTL which triggers a NULL pointer dereference in the ucode_get_rev function related to retrieval of the microcode revision.

Family:
unix
Status:
ACCEPTED
Platform(s):
  • Sun Solaris 10
Class:
vulnerability
Reference(s):
  • CVE-2010-0453
Product(s):