CVE-2010-0453
Summary
| CVE | CVE-2010-0453 |
|---|---|
| State | PUBLISHED |
| Assigner | mitre |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2010-02-03 18:30:00 UTC |
| Updated | 2026-04-29 01:13:23 UTC |
| Description | The ucode_ioctl function in intel/io/ucode_drv.c in Sun Solaris 10 and OpenSolaris snv_69 through snv_133, when running on x86 architectures, allows local users to cause a denial of service (panic) via a request with a 0 size value to the UCODE_GET_VERSION IOCTL, which triggers a NULL pointer dereference in the ucode_get_rev function, related to retrieval of the microcode revision. |
Risk And Classification
CVSS v2.0 Breakdown
Access Vector
LocalAccess Complexity
LowAuthentication
NoneConfidentiality
NoneIntegrity
NoneAvailability
CompleteAV:L/AC:L/Au:N/C:N/I:N/A:C
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Operating System | Sun | Opensolaris | snv_100 | All | x86 | All |
| Operating System | Sun | Opensolaris | snv_101 | All | x86 | All |
| Operating System | Sun | Opensolaris | snv_102 | All | x86 | All |
| Operating System | Sun | Opensolaris | snv_103 | All | x86 | All |
| Operating System | Sun | Opensolaris | snv_104 | All | x86 | All |
| Operating System | Sun | Opensolaris | snv_105 | All | x86 | All |
| Operating System | Sun | Opensolaris | snv_106 | All | x86 | All |
| Operating System | Sun | Opensolaris | snv_107 | All | x86 | All |
| Operating System | Sun | Opensolaris | snv_108 | All | x86 | All |
| Operating System | Sun | Opensolaris | snv_109 | All | x86 | All |
| Operating System | Sun | Opensolaris | snv_110 | All | x86 | All |
| Operating System | Sun | Opensolaris | snv_111 | All | x86 | All |
| Operating System | Sun | Opensolaris | snv_112 | All | x86 | All |
| Operating System | Sun | Opensolaris | snv_113 | All | x86 | All |
| Operating System | Sun | Opensolaris | snv_114 | All | x86 | All |
| Operating System | Sun | Opensolaris | snv_115 | All | x86 | All |
| Operating System | Sun | Opensolaris | snv_116 | All | x86 | All |
| Operating System | Sun | Opensolaris | snv_117 | All | x86 | All |
| Operating System | Sun | Opensolaris | snv_118 | All | x86 | All |
| Operating System | Sun | Opensolaris | snv_119 | All | x86 | All |
| Operating System | Sun | Opensolaris | snv_120 | All | x86 | All |
| Operating System | Sun | Opensolaris | snv_121 | All | x86 | All |
| Operating System | Sun | Opensolaris | snv_122 | All | x86 | All |
| Operating System | Sun | Opensolaris | snv_123 | All | x86 | All |
| Operating System | Sun | Opensolaris | snv_124 | All | x86 | All |
| Operating System | Sun | Opensolaris | snv_125 | All | x86 | All |
| Operating System | Sun | Opensolaris | snv_126 | All | x86 | All |
| Operating System | Sun | Opensolaris | snv_127 | All | x86 | All |
| Operating System | Sun | Opensolaris | snv_128 | All | x86 | All |
| Operating System | Sun | Opensolaris | snv_129 | All | x86 | All |
| Operating System | Sun | Opensolaris | snv_130 | All | x86 | All |
| Operating System | Sun | Opensolaris | snv_131 | All | x86 | All |
| Operating System | Sun | Opensolaris | snv_132 | All | x86 | All |
| Operating System | Sun | Opensolaris | snv_133 | All | x86 | All |
| Operating System | Sun | Opensolaris | snv_69 | All | x86 | All |
| Operating System | Sun | Opensolaris | snv_70 | All | x86 | All |
| Operating System | Sun | Opensolaris | snv_71 | All | x86 | All |
| Operating System | Sun | Opensolaris | snv_72 | All | x86 | All |
| Operating System | Sun | Opensolaris | snv_73 | All | x86 | All |
| Operating System | Sun | Opensolaris | snv_74 | All | x86 | All |
| Operating System | Sun | Opensolaris | snv_75 | All | x86 | All |
| Operating System | Sun | Opensolaris | snv_76 | All | x86 | All |
| Operating System | Sun | Opensolaris | snv_77 | All | x86 | All |
| Operating System | Sun | Opensolaris | snv_78 | All | x86 | All |
| Operating System | Sun | Opensolaris | snv_79 | All | x86 | All |
| Operating System | Sun | Opensolaris | snv_80 | All | x86 | All |
| Operating System | Sun | Opensolaris | snv_81 | All | x86 | All |
| Operating System | Sun | Opensolaris | snv_82 | All | x86 | All |
| Operating System | Sun | Opensolaris | snv_83 | All | x86 | All |
| Operating System | Sun | Opensolaris | snv_84 | All | x86 | All |
| Operating System | Sun | Opensolaris | snv_85 | All | x86 | All |
| Operating System | Sun | Opensolaris | snv_86 | All | x86 | All |
| Operating System | Sun | Opensolaris | snv_87 | All | x86 | All |
| Operating System | Sun | Opensolaris | snv_88 | All | x86 | All |
| Operating System | Sun | Opensolaris | snv_89 | All | x86 | All |
| Operating System | Sun | Opensolaris | snv_90 | All | x86 | All |
| Operating System | Sun | Opensolaris | snv_91 | All | x86 | All |
| Operating System | Sun | Opensolaris | snv_92 | All | x86 | All |
| Operating System | Sun | Opensolaris | snv_93 | All | x86 | All |
| Operating System | Sun | Opensolaris | snv_94 | All | x86 | All |
| Operating System | Sun | Opensolaris | snv_95 | All | x86 | All |
| Operating System | Sun | Opensolaris | snv_96 | All | x86 | All |
| Operating System | Sun | Opensolaris | snv_97 | All | x86 | All |
| Operating System | Sun | Opensolaris | snv_98 | All | x86 | All |
| Operating System | Sun | Opensolaris | snv_99 | All | x86 | All |
| Operating System | Sun | Solaris | 10.0 | All | x86 | All |
Vendor Declared Affected Products
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| IBM X-Force Exchange | af854a3a-2127-422b-91ae-364da2661108 | exchange.xforce.ibmcloud.com | |
| Sun Solaris 'CODE_GET_VERSION IOCTL' Local Denial Of Service Vulnerability | af854a3a-2127-422b-91ae-364da2661108 | www.securityfocus.com | |
| www.trapkit.de/advisories/TKADV2010-001.txt | af854a3a-2127-422b-91ae-364da2661108 | www.trapkit.de | |
| Webmail : Solution de messagerie professionnelle - OVHcloud- OVH | af854a3a-2127-422b-91ae-364da2661108 | www.vupen.com | Patch, Vendor Advisory |
| #143913-01: SunOS 5.10_x86: ucode driver patch | af854a3a-2127-422b-91ae-364da2661108 | sunsolve.sun.com | Patch |
| #275910: This Alert Covers CVE-2010-0453 for the /dev/ucode Component of the Solaris and OpenSolaris Products. | af854a3a-2127-422b-91ae-364da2661108 | sunsolve.sun.com | |
| osvdb.org/62046 | af854a3a-2127-422b-91ae-364da2661108 | osvdb.org | |
| US-CERT Technical Cyber Security Alert TA10-103B -- Oracle Updates for Multiple Vulnerabilities | af854a3a-2127-422b-91ae-364da2661108 | www.us-cert.gov | US Government Resource |
| sunsolve.sun.com/search/document.do | af854a3a-2127-422b-91ae-364da2661108 | sunsolve.sun.com | |
| SecurityFocus | af854a3a-2127-422b-91ae-364da2661108 | www.securityfocus.com | |
| Solaris Microcode Device Denial of Service Vulnerability - Secunia Advisories - Vulnerability Information - Secunia.com | af854a3a-2127-422b-91ae-364da2661108 | secunia.com | Vendor Advisory |
| Oracle Critical Patch Update Advisory - April 2010 | af854a3a-2127-422b-91ae-364da2661108 | www.oracle.com | |
| Repository / Oval Repository | af854a3a-2127-422b-91ae-364da2661108 | oval.cisecurity.org | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.