Lucene search

K
nvd[email protected]NVD:CVE-2010-4346
HistoryDec 22, 2010 - 9:00 p.m.

CVE-2010-4346

2010-12-2221:00:19
CWE-476
web.nvd.nist.gov
4

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:N/I:P/A:N

AI Score

7.2

Confidence

High

EPSS

0

Percentile

10.1%

The install_special_mapping function in mm/mmap.c in the Linux kernel before 2.6.37-rc6 does not make an expected security_file_mmap function call, which allows local users to bypass intended mmap_min_addr restrictions and possibly conduct NULL pointer dereference attacks via a crafted assembly-language application.

Affected configurations

Nvd
Node
linuxlinux_kernelRange<2.6.37
OR
linuxlinux_kernelMatch2.6.37-
OR
linuxlinux_kernelMatch2.6.37rc1
OR
linuxlinux_kernelMatch2.6.37rc2
OR
linuxlinux_kernelMatch2.6.37rc3
OR
linuxlinux_kernelMatch2.6.37rc4
OR
linuxlinux_kernelMatch2.6.37rc5
VendorProductVersionCPE
linuxlinux_kernel*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
linuxlinux_kernel2.6.37cpe:2.3:o:linux:linux_kernel:2.6.37:-:*:*:*:*:*:*
linuxlinux_kernel2.6.37cpe:2.3:o:linux:linux_kernel:2.6.37:rc1:*:*:*:*:*:*
linuxlinux_kernel2.6.37cpe:2.3:o:linux:linux_kernel:2.6.37:rc2:*:*:*:*:*:*
linuxlinux_kernel2.6.37cpe:2.3:o:linux:linux_kernel:2.6.37:rc3:*:*:*:*:*:*
linuxlinux_kernel2.6.37cpe:2.3:o:linux:linux_kernel:2.6.37:rc4:*:*:*:*:*:*
linuxlinux_kernel2.6.37cpe:2.3:o:linux:linux_kernel:2.6.37:rc5:*:*:*:*:*:*

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:N/I:P/A:N

AI Score

7.2

Confidence

High

EPSS

0

Percentile

10.1%