CVE-2010-0307

Severity

47%

Complexity

34%

Confidentiality

115%

The load_elf_binary function in fs/binfmt_elf.c in the Linux kernel before 2.6.32.8 on the x86_64 platform does not ensure that the ELF interpreter is available before a call to the SET_PERSONALITY macro, which allows local users to cause a denial of service (system crash) via a 32-bit application that attempts to execute a 64-bit application and then triggers a segmentation fault, as demonstrated by amd64_killer, related to the flush_old_exec function.

The load_elf_binary function in fs/binfmt_elf.c in the Linux kernel before 2.6.32.8 on the x86_64 platform does not ensure that the ELF interpreter is available before a call to the SET_PERSONALITY macro, which allows local users to cause a denial of service (system crash) via a 32-bit application that attempts to execute a 64-bit application and then triggers a segmentation fault, as demonstrated by amd64_killer, related to the flush_old_exec function.

CVSS 2.0 Base Score 4.7. CVSS Attack Vector: local. CVSS Attack Complexity: medium. CVSS Vector: (AV:L/AC:M/Au:N/C:N/I:N/A:C).

Overview

Type

Linux

First reported 15 years ago

2010-02-17 18:30:00

Last updated 6 years ago

2018-11-16 16:08:00

Affected Software

Linux Kernel

Debian GNU/Linux 4.0

4.0

Debian GNU/Linux 5.0

5.0

Canonical Ubuntu Linux 6.06 LTS (Long-Term Support)

6.06

Canonical Ubuntu Linux 8.04 LTS (Long-Term Support)

8.04

Canonical Ubuntu Linux 8.10

8.10

Canonical Ubuntu Linux 9.04

9.04

Canonical Ubuntu Linux 9.10

9.10

References

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=221af7f87b97431e3ee21ce4b0e77d5411cf1549

Vendor Advisory

FEDORA-2010-1787

Mailing List, Third Party Advisory

SUSE-SA:2010:014

Mailing List, Third Party Advisory

[linux-mm] 20100128 DoS on x86_64

Mailing List, Third Party Advisory

http://marc.info/?t=126466700200002&r=1&w=2

Mailing List, Third Party Advisory

38492

Third Party Advisory

38779

Third Party Advisory

38922

Third Party Advisory

39649

Third Party Advisory

43315

Third Party Advisory

http://support.avaya.com/css/P8/documents/100088287

Third Party Advisory

DSA-1996

Third Party Advisory

http://www.globalsecuritymag.com/Vigil-nce-Linux-kernel-denial-of,20100202,15754.html

Third Party Advisory

http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.32.8

Vendor Advisory

MDVSA-2010:066

Third Party Advisory

[oss-security] 20100201 CVE request - kernel: DoS on x86_64

Mailing List, Third Party Advisory

[oss-security] 20100201 Re: CVE request - kernel: DoS on x86_64

Mailing List, Third Party Advisory

[oss-security] 20100203 Re: CVE request - kernel: DoS on x86_64

Mailing List, Third Party Advisory

[oss-security] 20100204 Re: CVE request - kernel: DoS on x86_64

Mailing List, Third Party Advisory

RHSA-2010:0398

Third Party Advisory

RHSA-2010:0771

Third Party Advisory

20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX

Third Party Advisory, VDB Entry

38027

Exploit, Third Party Advisory, VDB Entry

USN-914-1

Third Party Advisory

http://www.vmware.com/security/advisories/VMSA-2011-0003.html

Third Party Advisory

ADV-2010-0638

Third Party Advisory

https://bugzilla.redhat.com/show_bug.cgi?id=560547

Issue Tracking, Third Party Advisory

oval:org.mitre.oval:def:10870

Third Party Advisory

RHSA-2010:0146

Third Party Advisory

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.