7.8

CVE-2010-2492

Buffer overflow in the ecryptfs_uid_hash macro in fs/ecryptfs/messaging.c in the eCryptfs subsystem in the Linux kernel before 2.6.35 might allow local users to gain privileges or cause a denial of service (system crash) via unspecified vectors.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version < 2.6.35
VMwareEsx Version4.0
VMwareEsx Version4.1
AvayaAura Presence Services Version6.0
AvayaAura Presence Services Version6.1
AvayaAura Presence Services Version6.1.1
AvayaAura Session Manager Version1.1
AvayaAura Session Manager Version5.2
AvayaAura Session Manager Version6.0
AvayaAura System Manager Version5.2
AvayaAura System Manager Version6.0
AvayaAura System Manager Version6.1
AvayaAura System Manager Version6.1.1
AvayaAura System Platform Version1.1
AvayaAura System Platform Version6.0 Update-
AvayaAura System Platform Version6.0 Updatesp1
AvayaAura Voice Portal Version5.0
AvayaAura Voice Portal Version5.1 Update-
AvayaAura Voice Portal Version5.1 Updatesp1
AvayaIq Version5.0
AvayaIq Version5.1
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.43% 0.345
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov 7.2 3.9 10
AV:L/AC:L/Au:N/C:C/I:C/A:C
CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer.

http://www.mandriva.com/security/advisories?name=MDVSA-2010:198
Broken Link
http://secunia.com/advisories/46397
Broken Link
http://support.avaya.com/css/P8/documents/100113326
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2010-0723.html
Broken Link
http://www.securityfocus.com/archive/1/520102/100/0/threaded
Third Party Advisory
VDB Entry
http://www.vmware.com/security/advisories/VMSA-2011-0012.html
Patch
Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2010:172
Broken Link
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.35
Broken Link
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=a6f80fb7b5986fda663d94079d3bba0937a6b6ff
http://secunia.com/advisories/42890
Broken Link
http://www.redhat.com/support/errata/RHSA-2011-0007.html
Broken Link
https://bugzilla.redhat.com/show_bug.cgi?id=611385
Patch
Third Party Advisory
Issue Tracking