4.7

CVE-2010-1148

Exploit

The cifs_create function in fs/cifs/dir.c in the Linux kernel 2.6.33.2 and earlier allows local users to cause a denial of service (NULL pointer dereference and OOPS) or possibly have unspecified other impact via a NULL nameidata (aka nd) field in a POSIX file-creation request to a server that supports UNIX extensions.

Data is provided by the National Vulnerability Database (NVD)
LinuxLinux Kernel Version <= 2.6.33.2
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.07% 0.193
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 4.7 3.4 6.9
AV:L/AC:M/Au:N/C:N/I:N/A:C
CWE-476 NULL Pointer Dereference

The product dereferences a pointer that it expects to be valid but is NULL.

http://openwall.com/lists/oss-security/2010/04/06/2
Third Party Advisory
Mailing List
http://www.securityfocus.com/bid/39186
Third Party Advisory
VDB Entry
https://bugzilla.redhat.com/show_bug.cgi?id=579445
Patch
Third Party Advisory
Issue Tracking