CVE-2010-2530

Multiple integer signedness errors in smb_subr.c in the netsmb module in the kernel in NetBSD 5.0.2 and earlier, FreeBSD, and Apple Mac OS X allow local users to cause a denial of service (panic) via a negative size value in a /dev/nsmb ioctl operation, as demonstrated by a (1) SMBIOC_LOOKUP or (2) SMBIOC_OPENSESSION ioctl call.

Published: Sep 29, 2010
Updated: Apr 13, 2023
CVE: CVE-2010-2530
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 4.9
AV:L/AC:L/Au:N/C:N/I:N/A:C

CWEs:

CWE-189

Affected Software
References

Software	From	Fixed in
netbsd / netbsd	2.0.4	2.0.4.x
netbsd / netbsd	1.5.3	1.5.3.x
netbsd / netbsd	1.6	1.6.x
netbsd / netbsd	3.99.15	3.99.15.x
netbsd / netbsd	1.3	1.3.x
netbsd / netbsd	5.0	5.0.x
netbsd / netbsd	1.5	1.5.x
netbsd / netbsd	2.1	2.1.x
netbsd / netbsd	4.0-beta	4.0-beta.x
netbsd / netbsd	1.2.1	1.2.1.x
netbsd / netbsd	1.3.1	1.3.1.x
netbsd / netbsd	2.0.2	2.0.2.x
netbsd / netbsd	1.6.1	1.6.1.x
netbsd / netbsd	3.0.1	3.0.1.x
netbsd / netbsd	1.4.2	1.4.2.x
netbsd / netbsd	2.0.3	2.0.3.x
netbsd / netbsd	3.0.2	3.0.2.x
netbsd / netbsd	1.6.2	1.6.2.x
netbsd / netbsd	1.3.3	1.3.3.x
netbsd / netbsd	4.0.1	4.0.1.x
netbsd / netbsd	1.0	1.0.x
netbsd / netbsd	1.6-beta	1.6-beta.x
netbsd / netbsd	0.9	0.9.x
netbsd / netbsd	2.1.1	2.1.1.x
netbsd / netbsd	1.5.1	1.5.1.x
netbsd / netbsd	0.8	0.8.x
netbsd / netbsd	1.1	1.1.x
netbsd / netbsd	1.5.2	1.5.2.x
netbsd / netbsd	1.4.3	1.4.3.x
netbsd / netbsd	2.0.1	2.0.1.x
netbsd / netbsd	5.0.1	5.0.1.x
netbsd / netbsd	3.1	3.1.x
netbsd / netbsd	1.4	1.4.x
netbsd / netbsd	3.0	3.0.x
netbsd / netbsd	1.3.2	1.3.2.x
netbsd / netbsd	1.4.1	1.4.1.x
netbsd / netbsd	-	5.0.2.x
netbsd / netbsd	2.0	2.0.x
netbsd / netbsd	1.2	1.2.x
netbsd / netbsd	4.0-beta2	4.0-beta2.x
freebsd / freebsd	-	-
apple / mac_os_x	-	-

Vulnerability Database

289,697

CVE-2010-2530