Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
f5F5F5:K16489
HistoryApr 24, 2015 - 12:00 a.m.

K16489 : Linux kernel security vulnerabilities CVE-2010-3848, CVE-2010-3849, and CVE-2010-3850

2015-04-2400:00:00
my.f5.com
16

6.5 Medium

AI Score

Confidence

High

6.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

8.1%

JSON

Security Advisory Description

Stack-based buffer overflow in the econet_sendmsg function in net/econet/af_econet.c in the Linux kernel before 2.6.36.2, when an econet address is configured, allows local users to gain privileges by providing a large number of iovec structures.

The econet_sendmsg function in net/econet/af_econet.c in the Linux kernel before 2.6.36.2, when an econet address is configured, allows local users to cause a denial of service (NULL pointer dereference and OOPS) via a sendmsg call that specifies a NULL value for the remote address field.

The ec_dev_ioctl function in net/econet/af_econet.c in the Linux kernel before 2.6.36.2 does not require the CAP_NET_ADMIN capability, which allows local users to bypass intended access restrictions and configure econet addresses via an SIOCSIFADDR ioctl call.

Impact

There is no impact; F5 products are not affected by this vulnerability.

Related

openvas 16
f5 1
nessus 12
seebug 4
exploitpack 2
threatpost 1
securityvulns 4
ubuntu 6
packetstorm 1
suse 5
prion 3
cve 3
ubuntucve 3
redhatcve 3
exploitdb 2
kitploit 1
debian 1
osv 1
openvas
openvas
Ubuntu Update for Linux kernel vulnerabilities USN-1023-1
2010-12-09 00:00:00
Ubuntu Update for Linux kernel vulnerabilities USN-1023-1
2010-12-09 00:00:00
Mandriva Update for kernel MDVSA-2010:257 (kernel)
2011-01-04 00:00:00
f5
f5
SOL16489 - Multiple Linux Kernel security vulnerabilities CVE-2010-3848, CVE-2010-3849, and CVE-2010-3850
2015-04-24 00:00:00
nessus
nessus
Ubuntu 6.06 LTS / 8.04 LTS / 9.10 / 10.04 LTS / 10.10 : linux, linux-{ec2,source-2.6.15} vulnerabilities (USN-1023-1)
2010-11-30 00:00:00
SuSE 10 Security Update : the Linux kernel (ZYPP Patch Number 7303)
2011-01-27 00:00:00
SuSE 10 Security Update : the Linux kernel (ZYPP Patch Number 7304)
2012-05-17 00:00:00
seebug
seebug
Linux Kernel <= 2.6.37 Local Privilege Escalation
2010-12-09 00:00:00
Linux Kernel <= 2.6.37 - Local Privilege Escalation
2014-07-01 00:00:00
Linux Kernel &lt; 2.6.36.2 Econet Privilege Escalation Exploit
2011-09-09 00:00:00
exploitpack
exploitpack
Linux Kernel 2.6.37 (RedHat Ubuntu 10.04) - Full-Nelson.c Local Privilege Escalation
2010-12-07 00:00:00
Linux Kernel 2.6.36.2 (Ubuntu 10.04) - Half-Nelson.c Econet Privilege Escalation
2011-09-05 00:00:00
threatpost
threatpost
New Local Linux Kernel Root Exploit Published
2010-12-08 15:33:53
securityvulns
securityvulns
Linux kernel exploit
2010-12-09 00:00:00
NGS000267 Technical Advisory: Symantec Messaging Gateway SSH with backdoor user account plus privilege escalation to root due to very old Kernel
2012-12-02 00:00:00
[SECURITY] [DSA 2126-1] New Linux 2.6.26 packages fix several issues
2010-12-01 00:00:00
ubuntu
ubuntu
Linux kernel vulnerabilities
2010-11-30 00:00:00
Linux kernel (OMAP4) vulnerabilities
2011-04-20 00:00:00
Linux kernel vulnerabilities
2011-02-28 00:00:00
packetstorm
packetstorm
Linux Kernel Econet Privilege Escalation
2011-09-06 00:00:00
suse
suse
local privilege escalation in kernel
2011-01-25 15:24:01
local privilege escalation, remote denial of in kernel
2011-02-11 13:07:24
local privilege escalation, remote denial of in kernel
2011-04-18 14:12:03
prion
prion
Design/Logic Flaw
2010-12-30 19:00:00
Null pointer dereference
2010-12-30 19:00:00
Stack overflow
2010-12-30 19:00:00
cve
cve
CVE-2010-3850
2010-12-30 19:00:00
CVE-2010-3849
2010-12-30 19:00:00
CVE-2010-3848
2010-12-30 19:00:00
ubuntucve
ubuntucve
CVE-2010-3850
2010-11-30 00:00:00
CVE-2010-3849
2010-11-30 00:00:00
CVE-2010-3848
2010-11-30 00:00:00
redhatcve
redhatcve
CVE-2010-3849
2019-10-04 22:31:45
CVE-2010-3850
2015-10-30 09:28:09
CVE-2010-3848
2015-10-30 10:35:21
exploitdb
exploitdb
Linux Kernel &lt; 2.6.36.2 (Ubuntu 10.04) - &#039;Half-Nelson.c&#039; Econet Privilege Escalation
2011-09-05 00:00:00
Linux Kernel 2.6.37 (RedHat / Ubuntu 10.04) - &#039;Full-Nelson.c&#039; Local Privilege Escalation
2010-12-07 00:00:00
kitploit
kitploit
[Linux Exploit Suggester] Grab the Linux Operating Systems release version, and return a suggestive list of possible exploits
2013-08-29 00:48:00
debian
debian
[SECURITY] [DSA 2126-1] New Linux 2.6.26 packages fix several issues
2010-11-27 04:49:43
osv
osv
linux-2.6 - several issues
2010-11-26 00:00:00

6.5 Medium

AI Score

Confidence

High

6.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

8.1%

JSON
Related for F5:K16489
openvas16f51nessus12seebug4exploitpack2threatpost1securityvulns4ubuntu6packetstorm1suse5prion3cve3ubuntucve3redhatcve3exploitdb2kitploit1debian1osv1