CVE-2010-2521
7.8 High
AI Score
Confidence
High
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.173 Low
EPSS
Percentile
96.0%
Multiple buffer overflows in fs/nfsd/nfs4xdr.c in the XDR implementation in the NFS server in the Linux kernel before 2.6.34-rc6 allow remote attackers to cause a denial of service (panic) or possibly execute arbitrary code via a crafted NFSv4 compound WRITE request, related to the read_buf and nfsd4_decode_compound functions.
References
git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=2bc3c1179c781b359d4f2f3439cb3df72afc17fc
lists.opensuse.org/opensuse-security-announce/2010-09/msg00004.html
secunia.com/advisories/43315
securitytracker.com/id?1024286
www.debian.org/security/2010/dsa-2094
www.kernel.org/pub/linux/kernel/v2.6/testing/v2.6.34/ChangeLog-2.6.34-rc6
www.mandriva.com/security/advisories?name=MDVSA-2010:198
www.mandriva.com/security/advisories?name=MDVSA-2011:051
www.openwall.com/lists/oss-security/2010/07/07/1
www.openwall.com/lists/oss-security/2010/07/09/2
www.redhat.com/support/errata/RHSA-2010-0610.html
www.redhat.com/support/errata/RHSA-2010-0893.html
www.redhat.com/support/errata/RHSA-2010-0907.html
www.securityfocus.com/archive/1/516397/100/0/threaded
www.securityfocus.com/bid/42249
www.ubuntu.com/usn/USN-1000-1
www.vmware.com/security/advisories/VMSA-2011-0003.html
www.vupen.com/english/advisories/2010/3050
bugzilla.redhat.com/show_bug.cgi?id=612028
rhn.redhat.com/errata/RHSA-2010-0606.html
Social References
More
Related
7.8 High
AI Score
Confidence
High
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.173 Low
EPSS
Percentile
96.0%