Lucene search

[email protected]NVD:CVE-2010-2798

HistorySep 08, 2010 - 8:00 p.m.

CVE-2010-2798

2010-09-0820:00:02

CWE-476

[email protected]

web.nvd.nist.gov

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.4 High

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

17.3%

JSON

The gfs2_dirent_find_space function in fs/gfs2/dir.c in the Linux kernel before 2.6.35 uses an incorrect size value in calculations associated with sentinel directory entries, which allows local users to cause a denial of service (NULL pointer dereference and panic) and possibly have unspecified other impact by renaming a file in a GFS2 filesystem, related to the gfs2_rename function in fs/gfs2/ops_inode.c.

Affected configurations

NVD

Node

linuxlinux_kernelRange<2.6.35

Node

vmwareesxMatch4.0

vmwareesxMatch4.1

Node

canonicalubuntu_linuxMatch6.06

canonicalubuntu_linuxMatch8.04

canonicalubuntu_linuxMatch9.04

canonicalubuntu_linuxMatch9.10

canonicalubuntu_linuxMatch10.04-

canonicalubuntu_linuxMatch10.10

Node

debiandebian_linuxMatch5.0

Node

avayaaura_communication_managerMatch5.2

avayaaura_presence_servicesMatch6.0

avayaaura_presence_servicesMatch6.1

avayaaura_presence_servicesMatch6.1.1

avayaaura_session_managerMatch1.1

avayaaura_session_managerMatch5.2

avayaaura_session_managerMatch6.0

avayaaura_system_managerMatch5.2

avayaaura_system_managerMatch6.0

avayaaura_system_managerMatch6.1

avayaaura_system_managerMatch6.1.1

avayaaura_system_platformMatch1.1

avayaaura_system_platformMatch6.0-

avayaaura_system_platformMatch6.0sp1

avayaiqMatch5.0

avayaiqMatch5.1

avayavoice_portalMatch5.0

avayavoice_portalMatch5.1-

avayavoice_portalMatch5.1sp1

Node

opensuseopensuseMatch11.1

suselinux_enterprise_high_availability_extensionMatch11-

suselinux_enterprise_high_availability_extensionMatch11sp1

susesuse_linux_enterprise_desktopMatch11-

susesuse_linux_enterprise_desktopMatch11sp1

susesuse_linux_enterprise_serverMatch11-

susesuse_linux_enterprise_serverMatch11sp1

References

git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=728a756b8fcd22d80e2dbba8117a8a3aafd3f203

lists.opensuse.org/opensuse-security-announce/2010-09/msg00004.html

lists.opensuse.org/opensuse-security-announce/2010-11/msg00000.html

secunia.com/advisories/46397

securitytracker.com/id?1024386

support.avaya.com/css/P8/documents/100113326

www.debian.org/security/2010/dsa-2094

www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.35

www.mandriva.com/security/advisories?name=MDVSA-2010:198

www.openwall.com/lists/oss-security/2010/08/02/1

www.openwall.com/lists/oss-security/2010/08/02/10

www.redhat.com/support/errata/RHSA-2010-0660.html

www.redhat.com/support/errata/RHSA-2010-0670.html

www.redhat.com/support/errata/RHSA-2010-0723.html

www.securityfocus.com/archive/1/520102/100/0/threaded

www.securityfocus.com/bid/42124

www.ubuntu.com/usn/USN-1000-1

www.vmware.com/security/advisories/VMSA-2011-0012.html

bugzilla.redhat.com/show_bug.cgi?id=620300

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.4 High

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

17.3%

JSON

Related for NVD:CVE-2010-2798

prion1 cve1 ubuntucve1 veracode1 cvelist1 nessus23 redhat3 openvas27 suse5 fedora2 centos1 osv1 oraclelinux1 debian1 ubuntu4 vmware2