Vulnerability CVE-2010-0307


Published: 2010-02-17   Modified: 2012-02-13

Description:
The load_elf_binary function in fs/binfmt_elf.c in the Linux kernel before 2.6.32.8 on the x86_64 platform does not ensure that the ELF interpreter is available before a call to the SET_PERSONALITY macro, which allows local users to cause a denial of service (system crash) via a 32-bit application that attempts to execute a 64-bit application and then triggers a segmentation fault, as demonstrated by amd64_killer, related to the flush_old_exec function.

In our database, we found the following notes for this CVE:
Med.
Title: Linux Kernel 64bit Personality Handling Local Denial of Service Vulnerability
Author: Mathias Krause
Date: 19.02.2010

Type: CWE-Other

Vendor: Canonical
Product: Ubuntu linux
Versions: 9.10; 9.04; 8.10; 8.04; 6.06;
See more versions on NVD
Vendor: Intel
Product: E1000
Versions: 7.4.35; 7.4.27; 7.3.20; 7.3.15; 7.2.9; 7.2.7; 7.1.9; 7.0.41; 7.0.33; 6.3.9; 6.2.15; 6.1.16; 6.0.60; 6.0.54; 5.7.6; 5.6.10.1; 5.6.10; 5.5.4; 5.4.11; 5.3.19; 5.2.52; 5.2.30.1; 5.2.22;
See more versions on NVD
Vendor: Debian
Product: Debian linux
Versions: 5.0; 4.0;
Vendor: Linux
Product: Linux kernel
Versions: 2.6.32.7; 2.6.32.6; 2.6.32.5; 2.6.32.4; 2.6.32.3; 2.6.32.2; 2.6.32.1; 2.6.32; 2.6.30; 2.6.29.rc2-git1; 2.6.29.rc1; 2.6.29.3; 2.6.29; 2.6.28; 2.6.27; 2.6.26.5; 2.6.26.4; 2.6.26.3; 2.6.26.2; 2.6.26.1; 2.6.26; 2.6.25.9; 2.6.25.8; 2.6.25.7; 2.6.25.6; 2.6.25.5; 2.6.25.4; 2.6.25.3; 2.6.25.2; 2.6.25.17; 2.6.25.16; 2.6.25.14; 2.6.25.13; 2.6.25.12;
See more versions on NVD
Product: Kernel
Versions: 2.6.32.7; 2.6.32.6; 2.6.32.5; 2.6.32.4; 2.6.32.3; 2.6.32.2; 2.6.32.1; 2.6.32; 2.6.30; 2.6.29.rc2-git1; 2.6.29.rc1; 2.6.29.3; 2.6.29; 2.6.28; 2.6.27; 2.6.26.5; 2.6.26.4; 2.6.26.3; 2.6.26.2; 2.6.26.1; 2.6.26; 2.6.25.9; 2.6.25.8; 2.6.25.7; 2.6.25.6; 2.6.25.5; 2.6.25.4; 2.6.25.3; 2.6.25.2; 2.6.25.17; 2.6.25.16; 2.6.25.15; 2.6.25.14; 2.6.25.13; 2.6.25.12; 2.6.25.11;
See more versions on NVD

CVSS2 => (AV:L/AC:M/Au:N/C:N/I:N/A:C)

Overall CVSS score: 4.7/10
Impact: 6.9/10
Exploitability: 3.4/10
Required access: Local
Attack complexity: Medium
Authentication: Not required
Confidentiality impact: None
Integrity impact: None
Availability impact: Complete

References:
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=221af7f87b97431e3ee21ce4b0e77d5411cf1549
http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035159.html
http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00000.html
http://marc.info/?l=linux-mm&m=126466407724382&w=2
http://marc.info/?t=126466700200002&r=1&w=2
http://support.avaya.com/css/P8/documents/100088287
http://www.debian.org/security/2010/dsa-1996
http://www.globalsecuritymag.com/Vigil-nce-Linux-kernel-denial-of,20100202,15754.html
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.32.8
http://www.mandriva.com/security/advisories?name=MDVSA-2010:066
http://www.openwall.com/lists/oss-security/2010/02/01/1
http://www.openwall.com/lists/oss-security/2010/02/01/5
http://www.openwall.com/lists/oss-security/2010/02/04/1
http://www.openwall.com/lists/oss-security/2010/02/04/9
http://www.redhat.com/support/errata/RHSA-2010-0398.html
http://www.redhat.com/support/errata/RHSA-2010-0771.html
http://www.securityfocus.com/archive/1/516397/100/0/threaded
http://www.securityfocus.com/bid/38027
http://www.ubuntu.com/usn/USN-914-1
http://www.vmware.com/security/advisories/VMSA-2011-0003.html
http://www.vupen.com/english/advisories/2010/0638
https://bugzilla.redhat.com/show_bug.cgi?id=560547
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10870
https://rhn.redhat.com/errata/RHSA-2010-0146.html


Copyright 2019, cxsecurity.com