{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/87681?format=json","vulnerability_id":"VCID-sknd-kp51-juec","summary":"kernel: xfs: XFS_IOC_FSGETXATTR ioctl memory leak","aliases":[{"alias":"CVE-2010-3078"}],"fixed_packages":[],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/127557?format=json","purl":"pkg:rpm/redhat/kernel@2.6.18-194.26.1?arch=el5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-13jv-4raj-3bc6"},{"vulnerability":"VCID-6fu4-n19v-jke8"},{"vulnerability":"VCID-c3cq-y1nq-akd3"},{"vulnerability":"VCID-cbze-qxa8-37be"},{"vulnerability":"VCID-rh1d-2czu-sqeb"},{"vulnerability":"VCID-sknd-kp51-juec"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/kernel@2.6.18-194.26.1%3Farch=el5"},{"url":"http://public2.vulnerablecode.io/api/packages/127421?format=json","purl":"pkg:rpm/redhat/kernel@2.6.32-71.14.1?arch=el6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-13jv-4raj-3bc6"},{"vulnerability":"VCID-1bhm-5xj1-duh8"},{"vulnerability":"VCID-1d5z-ugrh-s7bj"},{"vulnerability":"VCID-22bx-f76m-e3c1"},{"vulnerability":"VCID-2m8w-7whg-jube"},{"vulnerability":"VCID-381s-khqd-muhz"},{"vulnerability":"VCID-3egz-urd4-yfbw"},{"vulnerability":"VCID-519v-6b9u-dygr"},{"vulnerability":"VCID-5754-km4k-ukd3"},{"vulnerability":"VCID-5pu5-muu2-1bf3"},{"vulnerability":"VCID-5x5t-fnw6-kqea"},{"vulnerability":"VCID-643a-mvrh-bbap"},{"vulnerability":"VCID-6x7p-5tt7-5fdv"},{"vulnerability":"VCID-cbze-qxa8-37be"},{"vulnerability":"VCID-cw6b-qbau-hbh7"},{"vulnerability":"VCID-dbrc-nqc1-x3ap"},{"vulnerability":"VCID-ek2s-wkm1-4ygb"},{"vulnerability":"VCID-f744-pabt-7ffu"},{"vulnerability":"VCID-gwuw-j14j-dffw"},{"vulnerability":"VCID-j49x-d5sv-wkek"},{"vulnerability":"VCID-m6hm-2cau-4fdg"},{"vulnerability":"VCID-mcdj-296n-1kc9"},{"vulnerability":"VCID-nej4-chcw-fqah"},{"vulnerability":"VCID-nq55-xn3b-8qdm"},{"vulnerability":"VCID-nub2-qpm7-n7gv"},{"vulnerability":"VCID-pqms-kbb2-wua8"},{"vulnerability":"VCID-rdyv-juby-e3gq"},{"vulnerability":"VCID-sknd-kp51-juec"},{"vulnerability":"VCID-uk6m-rq4u-nugy"},{"vulnerability":"VCID-y21h-7qfs-1kb7"},{"vulnerability":"VCID-zwvt-5gfz-suda"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/kernel@2.6.32-71.14.1%3Farch=el6"}],"references":[{"reference_url":"http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=a122eb2fdfd78b58c6dd992d6f4b1aaef667eef9","reference_id":"","reference_type":"","scores":[],"url":"http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=a122eb2fdfd78b58c6dd992d6f4b1aaef667eef9"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00005.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00005.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00003.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00003.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00000.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00000.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-3078.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-3078.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-3078","reference_id":"","reference_type":"","scores":[{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24081","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24124","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.2431","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24437","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.2447","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24253","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.2432","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24364","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24382","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24339","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24282","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24299","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24289","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24265","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24138","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-3078"},{"reference_url":"http://secunia.com/advisories/41284","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/41284"},{"reference_url":"http://secunia.com/advisories/41512","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/41512"},{"reference_url":"http://secunia.com/advisories/42890","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/42890"},{"reference_url":"http://secunia.com/advisories/46397","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/46397"},{"reference_url":"http://securitytracker.com/id?1024418","reference_id":"","reference_type":"","scores":[],"url":"http://securitytracker.com/id?1024418"},{"reference_url":"http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.36-rc4","reference_id":"","reference_type":"","scores":[],"url":"http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.36-rc4"},{"reference_url":"http://www.linux.sgi.com/archives/xfs-masters/2010-09/msg00002.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.linux.sgi.com/archives/xfs-masters/2010-09/msg00002.html"},{"reference_url":"http://www.openwall.com/lists/oss-security/2010/09/07/1","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2010/09/07/1"},{"reference_url":"http://www.openwall.com/lists/oss-security/2010/09/07/12","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2010/09/07/12"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2010-0839.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2010-0839.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2011-0007.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2011-0007.html"},{"reference_url":"http://www.securityfocus.com/archive/1/520102/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/520102/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/bid/43022","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/43022"},{"reference_url":"http://www.ubuntu.com/usn/USN-1000-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-1000-1"},{"reference_url":"http://www.vmware.com/security/advisories/VMSA-2011-0012.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.vmware.com/security/advisories/VMSA-2011-0012.html"},{"reference_url":"http://www.vupen.com/english/advisories/2010/2430","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2010/2430"},{"reference_url":"http://www.vupen.com/english/advisories/2011/0298","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2011/0298"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=630804","reference_id":"630804","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=630804"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:10.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:10.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:10.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:9.04:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:9.04:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:9.04:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:linux:linux_kernel:2.6.36:-:*:*:*:*:*:*","reference_id":"cpe:2.3:o:linux:linux_kernel:2.6.36:-:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:linux:linux_kernel:2.6.36:-:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:linux:linux_kernel:2.6.36:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:o:linux:linux_kernel:2.6.36:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:linux:linux_kernel:2.6.36:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:linux:linux_kernel:2.6.36:rc2:*:*:*:*:*:*","reference_id":"cpe:2.3:o:linux:linux_kernel:2.6.36:rc2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:linux:linux_kernel:2.6.36:rc2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:linux:linux_kernel:2.6.36:rc3:*:*:*:*:*:*","reference_id":"cpe:2.3:o:linux:linux_kernel:2.6.36:rc3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:linux:linux_kernel:2.6.36:rc3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:11.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:11.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:suse_linux_enterprise_desktop:11:sp1:*:*:*:*:*:*","reference_id":"cpe:2.3:o:suse:suse_linux_enterprise_desktop:11:sp1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:suse_linux_enterprise_desktop:11:sp1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp1:*:*:*:*:*:*","reference_id":"cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:vmware:esx:4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:vmware:esx:4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:vmware:esx:4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:vmware:esx:4.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:vmware:esx:4.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:vmware:esx:4.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2010-3078","reference_id":"CVE-2010-3078","reference_type":"","scores":[{"value":"2.1","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:L/Au:N/C:P/I:N/A:N"},{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2010-3078"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0839","reference_id":"RHSA-2010:0839","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0839"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:0007","reference_id":"RHSA-2011:0007","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:0007"},{"reference_url":"https://usn.ubuntu.com/1000-1/","reference_id":"USN-1000-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1000-1/"},{"reference_url":"https://usn.ubuntu.com/1074-1/","reference_id":"USN-1074-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1074-1/"},{"reference_url":"https://usn.ubuntu.com/1074-2/","reference_id":"USN-1074-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1074-2/"},{"reference_url":"https://usn.ubuntu.com/1083-1/","reference_id":"USN-1083-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1083-1/"},{"reference_url":"https://usn.ubuntu.com/1093-1/","reference_id":"USN-1093-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1093-1/"}],"weaknesses":[{"cwe_id":401,"name":"Missing Release of Memory after Effective Lifetime","description":"The product does not sufficiently track and release allocated memory after it has been used, which slowly consumes remaining memory."},{"cwe_id":200,"name":"Exposure of Sensitive Information to an Unauthorized Actor","description":"The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information."}],"exploits":[],"severity_range_score":"2.1 - 5.5","exploitability":"0.5","weighted_severity":"5.0","risk_score":2.5,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sknd-kp51-juec"}