CVE-2010-3086
4.9 Medium
AI Score
Confidence
High
4.9 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:N/I:N/A:C
0.0004 Low
EPSS
Percentile
5.3%
include/asm-x86/futex.h in the Linux kernel before 2.6.25 does not properly implement exception fixup, which allows local users to cause a denial of service (panic) via an invalid application that triggers a page fault.
References
git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=9d55b9923a1b7ea8193b8875c57ec940dc2ff027
kerneltrap.org/mailarchive/linux-kernel/2008/2/6/752194/thread
lists.opensuse.org/opensuse-security-announce/2010-12/msg00004.html
marc.info/?l=oss-security&m=128935856605589&w=2
secunia.com/advisories/46397
securitytracker.com/id?1024709
www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.25
www.redhat.com/support/errata/RHSA-2010-0839.html
www.securityfocus.com/archive/1/520102/100/0/threaded
www.vmware.com/security/advisories/VMSA-2011-0012.html
bugzilla.redhat.com/show_bug.cgi?id=429412
bugzilla.redhat.com/show_bug.cgi?id=633170
Social References
More
Related
4.9 Medium
AI Score
Confidence
High
4.9 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:N/I:N/A:C
0.0004 Low
EPSS
Percentile
5.3%