Vulnerability CVE-2010-0307


Published: 2010-02-17   Modified: 2012-02-13

Description:
The load_elf_binary function in fs/binfmt_elf.c in the Linux kernel before 2.6.32.8 on the x86_64 platform does not ensure that the ELF interpreter is available before a call to the SET_PERSONALITY macro, which allows local users to cause a denial of service (system crash) via a 32-bit application that attempts to execute a 64-bit application and then triggers a segmentation fault, as demonstrated by amd64_killer, related to the flush_old_exec function.

In our database, we found the following notes for this CVE:
Med.
Title: Linux Kernel 64bit Personality Handling Local Denial of Service Vulnerability
Author: Mathias Krause
Date: 19.02.2010

Type:

CWE-Other

Vendor: Canonical
Product: Ubuntu linux
Versions: 9.10; 9.04; 8.10; 8.04; 6.06;
See more versions on NVD
Vendor: Intel
Product: E1000
Versions: 7.4.35; 7.4.27; 7.3.20; 7.3.15; 7.2.9; 7.2.7; 7.1.9; 7.0.41; 7.0.33; 6.3.9; 6.2.15; 6.1.16; 6.0.60; 6.0.54; 5.7.6; 5.6.10.1; 5.6.10; 5.5.4; 5.4.11; 5.3.19; 5.2.52; 5.2.30.1; 5.2.22;
See more versions on NVD
Vendor: Debian
Product: Debian linux
Versions: 5.0; 4.0;
Vendor: Linux
Product: Linux kernel
Versions: 2.6.32.7; 2.6.32.6; 2.6.32.5; 2.6.32.4; 2.6.32.3; 2.6.32.2; 2.6.32.1; 2.6.32; 2.6.30; 2.6.29.rc2-git1; 2.6.29.rc1; 2.6.29.3; 2.6.29; 2.6.28; 2.6.27; 2.6.26.5; 2.6.26.4; 2.6.26.3; 2.6.26.2; 2.6.26.1; 2.6.26; 2.6.25.9; 2.6.25.8; 2.6.25.7; 2.6.25.6; 2.6.25.5; 2.6.25.4; 2.6.25.3; 2.6.25.2; 2.6.25.17; 2.6.25.16; 2.6.25.14; 2.6.25.13; 2.6.25.12;
See more versions on NVD
Product: Kernel
Versions: 2.6.32.7; 2.6.32.6; 2.6.32.5; 2.6.32.4; 2.6.32.3; 2.6.32.2; 2.6.32.1; 2.6.32; 2.6.30; 2.6.29.rc2-git1; 2.6.29.rc1; 2.6.29.3; 2.6.29; 2.6.28; 2.6.27; 2.6.26.5; 2.6.26.4; 2.6.26.3; 2.6.26.2; 2.6.26.1; 2.6.26; 2.6.25.9; 2.6.25.8; 2.6.25.7; 2.6.25.6; 2.6.25.5; 2.6.25.4; 2.6.25.3; 2.6.25.2; 2.6.25.17; 2.6.25.16; 2.6.25.15; 2.6.25.14; 2.6.25.13; 2.6.25.12; 2.6.25.11;
See more versions on NVD

CVSS2 => (AV:L/AC:M/Au:N/C:N/I:N/A:C)

Overall CVSS score: 4.7/10
Impact: 6.9/10
Exploitability: 3.4/10
Access required: Local
Attack complexity: Medium
Authentication: Not required
Confidentiality impact: None
Integrity impact: None
Availability impact: Complete

References:
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=221af7f87b97431e3ee21ce4b0e77d5411cf1549
http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035159.html
http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00000.html
http://marc.info/?l=linux-mm&m=126466407724382&w=2
http://marc.info/?t=126466700200002&r=1&w=2
http://support.avaya.com/css/P8/documents/100088287
http://www.debian.org/security/2010/dsa-1996
http://www.globalsecuritymag.com/Vigil-nce-Linux-kernel-denial-of,20100202,15754.html
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.32.8
http://www.mandriva.com/security/advisories?name=MDVSA-2010:066
http://www.openwall.com/lists/oss-security/2010/02/01/1
http://www.openwall.com/lists/oss-security/2010/02/01/5
http://www.openwall.com/lists/oss-security/2010/02/04/1
http://www.openwall.com/lists/oss-security/2010/02/04/9
http://www.redhat.com/support/errata/RHSA-2010-0398.html
http://www.redhat.com/support/errata/RHSA-2010-0771.html
http://www.securityfocus.com/archive/1/516397/100/0/threaded
http://www.securityfocus.com/bid/38027
http://www.ubuntu.com/usn/USN-914-1
http://www.vmware.com/security/advisories/VMSA-2011-0003.html
http://www.vupen.com/english/advisories/2010/0638
https://bugzilla.redhat.com/show_bug.cgi?id=560547
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10870
https://rhn.redhat.com/errata/RHSA-2010-0146.html

Similar CVEs
CVE-2019-17351
An issue was discovered in drivers/xen/balloon.c in the Linux kernel before 5.2.3, as used in Xen through 4.12.x, allowing guest OS users to cause a denial of service because of unrestricted resource consumption during the mapping of guest memory, ak...
CVE-2019-17133
In the Linux kernel through 5.3.2, cfg80211_mgd_wext_giwessid in net/wireless/wext-sme.c does not reject a long SSID IE, leading to a Buffer Overflow.
CVE-2019-17075
An issue was discovered in write_tpt_entry in drivers/infiniband/hw/cxgb4/mem.c in the Linux kernel through 5.3.2. The cxgb4 driver is directly calling dma_map_single (a DMA function) from a stack variable. This could allow an attacker to trigger a D...
CVE-2019-17056
llcp_sock_create in net/nfc/llcp_sock.c in the AF_NFC network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-3a359798b176.
CVE-2019-17055
base_sock_create in drivers/isdn/mISDN/socket.c in the AF_ISDN network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-b91ee4aa2a21.
CVE-2019-17054
atalk_create in net/appletalk/ddp.c in the AF_APPLETALK network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-6cc03e8aa36c.
CVE-2019-17053
ieee802154_create in net/ieee802154/socket.c in the AF_IEEE802154 network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-e69dbd4619e7.
CVE-2019-17052
ax25_create in net/ax25/af_ax25.c in the AF_AX25 network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-0614e2b73768.
