4.7

CVE-2010-0307

Exploit
The load_elf_binary function in fs/binfmt_elf.c in the Linux kernel before 2.6.32.8 on the x86_64 platform does not ensure that the ELF interpreter is available before a call to the SET_PERSONALITY macro, which allows local users to cause a denial of service (system crash) via a 32-bit application that attempts to execute a 64-bit application and then triggers a segmentation fault, as demonstrated by amd64_killer, related to the flush_old_exec function.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version < 2.6.32.8
DebianDebian Linux Version4.0
DebianDebian Linux Version5.0
CanonicalUbuntu Linux Version6.06 SwEditionlts
CanonicalUbuntu Linux Version8.04 SwEditionlts
CanonicalUbuntu Linux Version8.10
CanonicalUbuntu Linux Version9.04
CanonicalUbuntu Linux Version9.10
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.83% 0.529
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4.7 3.4 6.9
AV:L/AC:M/Au:N/C:N/I:N/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://www.securityfocus.com/archive/1/516397/100/0/threaded
Third Party Advisory
VDB Entry
http://www.vmware.com/security/advisories/VMSA-2011-0003.html
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00000.html
Third Party Advisory
Mailing List
http://secunia.com/advisories/38492
Third Party Advisory
http://secunia.com/advisories/38779
Third Party Advisory
http://www.debian.org/security/2010/dsa-1996
Third Party Advisory
http://secunia.com/advisories/43315
Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035159.html
Third Party Advisory
Mailing List
http://www.mandriva.com/security/advisories?name=MDVSA-2010:066
Third Party Advisory
https://rhn.redhat.com/errata/RHSA-2010-0146.html
Third Party Advisory
http://secunia.com/advisories/38922
Third Party Advisory
http://www.ubuntu.com/usn/USN-914-1
Third Party Advisory
http://www.vupen.com/english/advisories/2010/0638
Third Party Advisory
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=221af7f87b97431e3ee21ce4b0e77d5411cf1549
http://marc.info/?l=linux-mm&m=126466407724382&w=2
Third Party Advisory
Mailing List
http://marc.info/?t=126466700200002&r=1&w=2
Third Party Advisory
Mailing List
http://secunia.com/advisories/39649
Third Party Advisory
http://support.avaya.com/css/P8/documents/100088287
Third Party Advisory
http://www.globalsecuritymag.com/Vigil-nce-Linux-kernel-denial-of%2C20100202%2C15754.html
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.32.8
Vendor Advisory
http://www.openwall.com/lists/oss-security/2010/02/01/1
Third Party Advisory
Mailing List
http://www.openwall.com/lists/oss-security/2010/02/01/5
Third Party Advisory
Mailing List
http://www.openwall.com/lists/oss-security/2010/02/04/1
Third Party Advisory
Mailing List
http://www.openwall.com/lists/oss-security/2010/02/04/9
Third Party Advisory
Mailing List
http://www.redhat.com/support/errata/RHSA-2010-0398.html
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2010-0771.html
Third Party Advisory
http://www.securityfocus.com/bid/38027
Third Party Advisory
Exploit
VDB Entry
https://bugzilla.redhat.com/show_bug.cgi?id=560547
Third Party Advisory
Issue Tracking
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10870
Third Party Advisory