Strix
26.1K

CVE-2010-0453

UnknownEPSS 0.84%

Last modified

CVE-2010-0453 is a vulnerability of currently unknown severity. The ucode_ioctl function in intel/io/ucode_drv.c in Sun Solaris 10 and OpenSolaris snv_69 through snv_133, when running on x86 architectures, allows local users to cause a denial of service (panic) via a request with a 0 size value to the UCODE_GET_VERSION IOCTL, which triggers a NULL pointer dereference in the ucode_get_rev function, related to retrieval of the microcode revision.. EPSS estimates a 0.84% chance of exploitation in the next 30 days.

Description

The ucode_ioctl function in intel/io/ucode_drv.c in Sun Solaris 10 and OpenSolaris snv_69 through snv_133, when running on x86 architectures, allows local users to cause a denial of service (panic) via a request with a 0 size value to the UCODE_GET_VERSION IOCTL, which triggers a NULL pointer dereference in the ucode_get_rev function, related to retrieval of the microcode revision.

Metrics

EPSS Probability
0.84%

53.2th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

VendorProductVersions
SunOpensolarissnv_69
SunOpensolarissnv_70
SunOpensolarissnv_71
SunOpensolarissnv_72
SunOpensolarissnv_73
SunOpensolarissnv_74
SunOpensolarissnv_75
SunOpensolarissnv_76
SunOpensolarissnv_77
SunOpensolarissnv_78
SunOpensolarissnv_79
SunOpensolarissnv_80
SunOpensolarissnv_81
SunOpensolarissnv_82
SunOpensolarissnv_83
SunOpensolarissnv_84
SunOpensolarissnv_85
SunOpensolarissnv_86
SunOpensolarissnv_87
SunOpensolarissnv_88
SunOpensolarissnv_89
SunOpensolarissnv_90
SunOpensolarissnv_91
SunOpensolarissnv_92
SunOpensolarissnv_93
SunOpensolarissnv_94
SunOpensolarissnv_95
SunOpensolarissnv_96
SunOpensolarissnv_97
SunOpensolarissnv_98
SunOpensolarissnv_99
SunOpensolarissnv_100
SunOpensolarissnv_101
SunOpensolarissnv_102
SunOpensolarissnv_103
SunOpensolarissnv_104
SunOpensolarissnv_105
SunOpensolarissnv_106
SunOpensolarissnv_107
SunOpensolarissnv_108
SunOpensolarissnv_109
SunOpensolarissnv_110
SunOpensolarissnv_111
SunOpensolarissnv_112
SunOpensolarissnv_113
SunOpensolarissnv_114
SunOpensolarissnv_115
SunOpensolarissnv_116
SunOpensolarissnv_117
SunOpensolarissnv_118

Showing 50 of 66 affected configurations. See NVD for the full list.

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2010-0453?
The ucode_ioctl function in intel/io/ucode_drv.c in Sun Solaris 10 and OpenSolaris snv_69 through snv_133, when running on x86 architectures, allows local users to cause a denial of service (panic) via a request with a 0 size value to the UCODE_GET_VERSION IOCTL, which triggers a NULL pointer dereference in the ucode_get_rev function, related to retrieval of the microcode revision.
How severe is CVE-2010-0453?
Severity scoring for CVE-2010-0453 is pending analysis. The EPSS model estimates a 0.84% probability of exploitation in the next 30 days.
How do I fix CVE-2010-0453?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2010-0453?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST