4.9
CVE-2010-3067
- EPSS 0.43%
- Veröffentlicht 21.09.2010 18:00:05
- Zuletzt bearbeitet 16.06.2026 23:22:03
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
Integer overflow in the do_io_submit function in fs/aio.c in the Linux kernel before 2.6.36-rc4-next-20100915 allows local users to cause a denial of service or possibly have unspecified other impact via crafted use of the io_submit system call.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version < 2.6.36
Linux ≫ Linux Kernel Version2.6.36 Update-
Linux ≫ Linux Kernel Version2.6.36 Updaterc1
Linux ≫ Linux Kernel Version2.6.36 Updaterc2
Linux ≫ Linux Kernel Version2.6.36 Updaterc3
Suse ≫ Linux Enterprise Desktop Version10 Updatesp3
Suse ≫ Linux Enterprise Real Time Extension Version11 Updatesp1
Suse ≫ Linux Enterprise Server Version9
Suse ≫ Linux Enterprise Server Version10 Updatesp3
Suse ≫ Linux Enterprise Software Development Kit Version10 Updatesp3
Debian ≫ Debian Linux Version5.0
Canonical ≫ Ubuntu Linux Version6.06
Canonical ≫ Ubuntu Linux Version8.04 SwEdition-
Canonical ≫ Ubuntu Linux Version9.04
Canonical ≫ Ubuntu Linux Version9.10
Canonical ≫ Ubuntu Linux Version10.04 SwEdition-
Canonical ≫ Ubuntu Linux Version10.10
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.43% | 0.341 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4.9 | 3.9 | 6.9 |
AV:L/AC:L/Au:N/C:N/I:N/A:C
|
CWE-190 Integer Overflow or Wraparound
The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.
http://www.mandriva.com/security/advisories?name=MDVSA-2011:051
http://www.mandriva.com/security/advisories?name=MDVSA-2011:029
http://secunia.com/advisories/46397
http://www.securityfocus.com/archive/1/520102/100/0/threaded
http://www.vmware.com/security/advisories/VMSA-2011-0012.html
http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html
http://www.ubuntu.com/usn/USN-1000-1
http://www.vupen.com/english/advisories/2011/0298
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00000.html
http://secunia.com/advisories/42778
http://www.vupen.com/english/advisories/2011/0012
http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00004.html
http://secunia.com/advisories/42890
http://www.redhat.com/support/errata/RHSA-2011-0007.html
http://www.redhat.com/support/errata/RHSA-2010-0779.html
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=75e1c70fc31490ef8a373ea2a4bea2524099b478
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00001.html
http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00002.html
http://secunia.com/advisories/42801
http://secunia.com/advisories/43291
http://www.debian.org/security/2010/dsa-2126
http://www.kernel.org/pub/linux/kernel/v2.6/next/patch-v2.6.36-rc4-next-20100915.bz2
http://www.mandriva.com/security/advisories?name=MDVSA-2010:257
http://www.redhat.com/support/errata/RHSA-2010-0758.html
http://www.redhat.com/support/errata/RHSA-2010-0839.html
http://www.vupen.com/english/advisories/2011/0375
https://bugzilla.redhat.com/show_bug.cgi?id=629441
https://exchange.xforce.ibmcloud.com/vulnerabilities/61884