Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2010-0307

Overview

Vulnerability Score 4.7 4.7
CVE Id CVE-2010-0307
Last Modified 19 Mar 2012 12:00:00
Published 17 Feb 2010 01:30:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity MEDIUM
Authentication NONE

CVE-2010-0307

Summary

The load_elf_binary function in fs/binfmt_elf.c in the Linux kernel before 2.6.32.8 on the x86_64 platform does not ensure that the ELF interpreter is available before a call to the SET_PERSONALITY macro, which allows local users to cause a denial of service (system crash) via a 32-bit application that attempts to execute a 64-bit application and then triggers a segmentation fault, as demonstrated by amd64_killer, related to the flush_old_exec function.

Vulnerable Systems

Operating System

  • Linux Kernel 2.2.27

  • Linux Kernel 2.4.36

  • Linux Kernel 2.4.36.1

  • Linux Kernel 2.4.36.2

  • Linux Kernel 2.4.36.3

  • Linux Kernel 2.4.36.4

  • Linux Kernel 2.4.36.5

  • Linux Kernel 2.4.36.6

  • Linux Kernel 2.6

  • Linux Kernel 2.6.18

  • Linux Kernel 2.6.19.4

  • Linux Kernel 2.6.19.5

  • Linux Kernel 2.6.19.6

  • Linux Kernel 2.6.19.7

  • Linux Kernel 2.6.20.16

  • Linux Kernel 2.6.20.17

  • Linux Kernel 2.6.20.18

  • Linux Kernel 2.6.20.19

  • Linux Kernel 2.6.20.20

  • Linux Kernel 2.6.20.21

  • Linux Kernel 2.6.21.5

  • Linux Kernel 2.6.21.6

  • Linux Kernel 2.6.21.7

  • Linux Kernel 2.6.22

  • Linux Kernel 2.6.22 Rc1

  • Linux Kernel 2.6.22 Rc7

  • Linux Kernel 2.6.22.1

  • Linux Kernel 2.6.22.10

  • Linux Kernel 2.6.22.11

  • Linux Kernel 2.6.22.12

  • Linux Kernel 2.6.22.13

  • Linux Kernel 2.6.22.14

  • Linux Kernel 2.6.22.15

  • Linux Kernel 2.6.22.17

  • Linux Kernel 2.6.22.18

  • Linux Kernel 2.6.22.19

  • Linux Kernel 2.6.22.2

  • Linux Kernel 2.6.22.20

  • Linux Kernel 2.6.22.21

  • Linux Kernel 2.6.22.22

  • Linux Kernel 2.6.22.8

  • Linux Kernel 2.6.22.9

  • Linux Kernel 2.6.23

  • Linux Kernel 2.6.23 Rc1

  • Linux Kernel 2.6.23.10

  • Linux Kernel 2.6.23.11

  • Linux Kernel 2.6.23.12

  • Linux Kernel 2.6.23.13

  • Linux Kernel 2.6.23.15

  • Linux Kernel 2.6.23.16

  • Linux Kernel 2.6.23.17

  • Linux Kernel 2.6.23.8

  • Linux Kernel 2.6.23.9

  • Linux Kernel 2.6.24

  • Linux Kernel 2.6.24 Rc1

  • Linux Kernel 2.6.24 Rc4

  • Linux Kernel 2.6.24 Rc5

  • Linux Kernel 2.6.24.1

  • Linux Kernel 2.6.24.2

  • Linux Kernel 2.6.24.3

  • Linux Kernel 2.6.24.4

  • Linux Kernel 2.6.24.5

  • Linux Kernel 2.6.24.6

  • Linux Kernel 2.6.25

  • Linux Kernel 2.6.25.1

  • Linux Kernel 2.6.25.10

  • Linux Kernel 2.6.25.11

  • Linux Kernel 2.6.25.12

  • Linux Kernel 2.6.25.13

  • Linux Kernel 2.6.25.14

  • Linux Kernel 2.6.25.16

  • Linux Kernel 2.6.25.17

  • Linux Kernel 2.6.25.2

  • Linux Kernel 2.6.25.3

  • Linux Kernel 2.6.25.4

  • Linux Kernel 2.6.25.5

  • Linux Kernel 2.6.25.6

  • Linux Kernel 2.6.25.7

  • Linux Kernel 2.6.25.8

  • Linux Kernel 2.6.25.9

  • Linux Kernel 2.6.26

  • Linux Kernel 2.6.26.1

  • Linux Kernel 2.6.26.2

  • Linux Kernel 2.6.26.3

  • Linux Kernel 2.6.26.4

  • Linux Kernel 2.6.26.5

  • Linux Kernel 2.6.27

  • Linux Kernel 2.6.28

  • Linux Kernel 2.6.29

  • Linux Kernel 2.6.29.3

  • Linux Kernel 2.6.29.rc1

  • Linux Kernel 2.6.29.rc2-git1

  • Linux Kernel 2.6.30

  • Linux Kernel 2.6.32

  • Linux Kernel 2.6.32.1

  • Linux Kernel 2.6.32.2

  • Linux Kernel 2.6.32.3

  • Linux Kernel 2.6.32.4

  • Linux Kernel 2.6.32.5

  • Linux Kernel 2.6.32.6

  • Linux Kernel 2.6.32.7

Application

  • Intel E1000 5.2.22

  • Intel E1000 5.2.30.1

  • Intel E1000 5.2.52

  • Intel E1000 5.3.19

  • Intel E1000 5.4.11

  • Intel E1000 5.5.4

  • Intel E1000 5.6.10

  • Intel E1000 5.6.10.1

  • Intel E1000 5.7.6

  • Intel E1000 6.0.54

  • Intel E1000 6.0.60

  • Intel E1000 6.1.16

  • Intel E1000 6.2.15

  • Intel E1000 6.3.9

  • Intel E1000 7.0.33

  • Intel E1000 7.0.41

  • Intel E1000 7.1.9

  • Intel E1000 7.2.7

  • Intel E1000 7.2.9

  • Intel E1000 7.3.15

  • Intel E1000 7.3.20

  • Intel E1000 7.4.27

  • Intel E1000 7.4.35

  • Linux Kernel 2.6.24.7

  • Linux Kernel 2.6.25.15


References

REDHAT - RHSA-2010:0146

CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=560547

VUPEN - ADV-2010-0638

CONFIRM - http://www.vmware.com/security/advisories/VMSA-2011-0003.html

UBUNTU - USN-914-1

BID - 38027

BUGTRAQ - 20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX

REDHAT - RHSA-2010:0771

REDHAT - RHSA-2010:0398

MLIST - [oss-security] 20100204 Re: CVE request - kernel: DoS on x86_64

MLIST - [oss-security] 20100203 Re: CVE request - kernel: DoS on x86_64

MLIST - [oss-security] 20100201 Re: CVE request - kernel: DoS on x86_64

MLIST - [oss-security] 20100201 CVE request - kernel: DoS on x86_64

MANDRIVA - MDVSA-2010:066

CONFIRM - http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.32.8

MISC - http://www.globalsecuritymag.com/Vigil-nce-Linux-kernel-denial-of,20100202,15754.html

DEBIAN - DSA-1996

CONFIRM - http://support.avaya.com/css/P8/documents/100088287

SECUNIA - 43315

SECUNIA - 39649

SECUNIA - 38922

SECUNIA - 38779

SECUNIA - 38492

CONFIRM - http://marc.info/?t=126466700200002&r=1&w=2

MLIST - [linux-mm] 20100128 DoS on x86_64

SUSE - SUSE-SA:2010:014

FEDORA - FEDORA-2010-1787

CONFIRM - http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=221af7f87b97431e3ee21ce4b0e77d5411cf1549


Last Updated: 27 May 2016 10:59:53