Lucene search

[email protected]CVE-2010-1436

HistoryMay 21, 2010 - 5:30 p.m.

CVE-2010-1436

2010-05-2117:30:00

CWE-399

[email protected]

web.nvd.nist.gov

linux

kernel

gfs2

denial of service

vulnerability

cve-2010-1436

nvd

6.9 Medium

AI Score

Confidence

High

4.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

0.0004 Low

EPSS

Percentile

5.2%

JSON

gfs2 in the Linux kernel 2.6.18, and possibly other versions, does not properly handle when the gfs2_quota struct occupies two separate pages, which allows local users to cause a denial of service (kernel panic) via certain manipulations that cause an out-of-bounds write, as demonstrated by writing from an ext3 file system to a gfs2 file system.

CPENameOperatorVersion
linux:linux_kernellinux linux kerneleq2.6.18

CPE	Name	Operator	Version
linux:linux_kernel	linux linux kernel	eq	2.6.18

References

secunia.com/advisories/43315

www.openwall.com/lists/oss-security/2010/04/27/1

www.openwall.com/lists/oss-security/2010/04/28/1

www.securityfocus.com/archive/1/516397/100/0/threaded

www.vmware.com/security/advisories/VMSA-2011-0003.html

bugzilla.redhat.com/show_bug.cgi?id=586006

exchange.xforce.ibmcloud.com/vulnerabilities/58839

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10652

6.9 Medium

AI Score

Confidence

High

4.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

0.0004 Low

EPSS

Percentile

5.2%

JSON

Related for CVE-2010-1436

ubuntucve1 veracode1 prion1 openvas9 nessus8 oraclelinux2 centos1 redhat1 ubuntu1