CVE-2010-0271

CVE-2010-0271 is a medium-severity vulnerability in Sun Opensolaris with a CVSS 2.0 base score of 4.6. It is not currently listed as actively exploited by CISA, and its EPSS exploit-prediction score is low. The underlying weakness is classified as CWE-264.

Key facts

Description

hald in Sun OpenSolaris snv_51 through snv_130 does not have the proc_audit privilege during unspecified attempts to write to the auditing log, which makes it easier for physically proximate attackers to avoid detection of changes to the set of connected hardware devices supporting the Hardware Abstraction Layer (HAL) specification.

Frequently asked questions

What is CVE-2010-0271?
hald in Sun OpenSolaris snv_51 through snv_130 does not have the proc_audit privilege during unspecified attempts to write to the auditing log, which makes it easier for physically proximate attackers to avoid detection of changes to the set of connected hardware devices supporting the Hardware Abstraction Layer (HAL) specification.
How severe is CVE-2010-0271?
CVE-2010-0271 has a CVSS 2.0 base score of 4.6, rated medium severity.
Is CVE-2010-0271 being actively exploited?
It is not currently listed in CISA's KEV catalog. Its EPSS exploit-prediction score is 0% (24th percentile), an estimate of the probability of exploitation in the next 30 days.
What products are affected by CVE-2010-0271?
CVE-2010-0271 primarily affects Sun Opensolaris. In total, 160 product configurations (CPEs) are listed as vulnerable; see the affected-products list for the exact versions.
How do I fix CVE-2010-0271?
Review the linked vendor and NVD advisories for patched versions and mitigations, then upgrade or apply the recommended workaround.
When was CVE-2010-0271 published?
CVE-2010-0271 was published on 2010-01-08 and last updated on 2026-06-16.

References

Affected products (160)

More vulnerabilities in Sun Opensolaris

All CVEs affecting Sun Opensolaris →

Other CWE-264 (Permissions, Privileges, and Access Controls) vulnerabilities

Browse all CWE-264 (Permissions, Privileges, and Access Controls) vulnerabilities →