7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.9 High
CVSS2
Access Vector
ADJACENT_NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:A/AC:M/Au:N/C:C/I:C/A:C
0.006 Low
EPSS
Percentile
75.6%
Buffer overflow in eCryptfs. When /dev/ecryptfs has world writable
permissions (which it does not, by default, on Red Hat Enterprise Linux 6),
a local, unprivileged user could use this flaw to cause a denial of service
or possibly escalate their privileges. (CVE-2010-2492, Important)
Integer overflow in the RDS protocol implementation could allow a local,
unprivileged user to cause a denial of service or escalate their
privileges. (CVE-2010-3865, Important)
Missing boundary checks in the PPP over L2TP sockets implementation could
allow a local, unprivileged user to cause a denial of service or escalate
their privileges. (CVE-2010-4160, Important)
NULL pointer dereference in the igb driver. If both Single Root I/O
Virtualization (SR-IOV) and promiscuous mode were enabled on an interface
using igb, it could result in a denial of service when a tagged VLAN packet
is received on that interface. (CVE-2010-4263, Important)
Missing initialization flaw in the XFS file system implementation, and in
the network traffic policing implementation, could allow a local,
unprivileged user to cause an information leak. (CVE-2010-3078,
CVE-2010-3477, Moderate)
NULL pointer dereference in the Open Sound System compatible sequencer
driver could allow a local, unprivileged user with access to /dev/sequencer
to cause a denial of service. /dev/sequencer is only accessible to root and
users in the audio group by default. (CVE-2010-3080, Moderate)
Flaw in the ethtool IOCTL handler could allow a local user to cause an
information leak. (CVE-2010-3861, Moderate)
Flaw in bcm_connect() in the Controller Area Network (CAN) Broadcast
Manager. On 64-bit systems, writing the socket address may overflow the
procname character array. (CVE-2010-3874, Moderate)
Flaw in the module for monitoring the sockets of INET transport
protocols could allow a local, unprivileged user to cause a denial of
service. (CVE-2010-3880, Moderate)
Missing boundary checks in the block layer implementation could allow a
local, unprivileged user to cause a denial of service. (CVE-2010-4162,
CVE-2010-4163, CVE-2010-4668, Moderate)
NULL pointer dereference in the Bluetooth HCI UART driver could allow a
local, unprivileged user to cause a denial of service. (CVE-2010-4242,
Moderate)
Flaw in the Linux kernel CPU time clocks implementation for the POSIX
clock interface could allow a local, unprivileged user to cause a denial of
service. (CVE-2010-4248, Moderate)
Flaw in the garbage collector for AF_UNIX sockets could allow a local,
unprivileged user to trigger a denial of service. (CVE-2010-4249, Moderate)
Missing upper bound integer check in the AIO implementation could allow a
local, unprivileged user to cause an information leak. (CVE-2010-3067, Low)
Missing initialization flaws could lead to information leaks.
(CVE-2010-3298, CVE-2010-3876, CVE-2010-4072, CVE-2010-4073, CVE-2010-4074,
CVE-2010-4075, CVE-2010-4077, CVE-2010-4079, CVE-2010-4080, CVE-2010-4081,
CVE-2010-4082, CVE-2010-4083, CVE-2010-4158, Low)
Missing initialization flaw in KVM could allow a privileged host user
with access to /dev/kvm to cause an information leak. (CVE-2010-4525, Low)
Red Hat would like to thank Andre Osterhues for reporting CVE-2010-2492;
Thomas Pollet for reporting CVE-2010-3865; Dan Rosenberg for reporting
CVE-2010-4160, CVE-2010-3078, CVE-2010-3874, CVE-2010-4162, CVE-2010-4163,
CVE-2010-3298, CVE-2010-4073, CVE-2010-4074, CVE-2010-4075, CVE-2010-4077,
CVE-2010-4079, CVE-2010-4080, CVE-2010-4081, CVE-2010-4082, CVE-2010-4083,
and CVE-2010-4158; Kosuke Tatsukawa for reporting CVE-2010-4263; Tavis
Ormandy for reporting CVE-2010-3080 and CVE-2010-3067; Kees Cook for
reporting CVE-2010-3861 and CVE-2010-4072; Nelson Elhage for reporting
CVE-2010-3880; Alan Cox for reporting CVE-2010-4242; Vegard Nossum for
reporting CVE-2010-4249; Vasiliy Kulikov for reporting CVE-2010-3876; and
Stephan Mueller of atsec information security for reporting CVE-2010-4525.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | 6 | s390x | kernel-kdump-devel | < 2.6.32-71.14.1.el6 | kernel-kdump-devel-2.6.32-71.14.1.el6.s390x.rpm |
RedHat | 6 | ppc64 | kernel-headers | < 2.6.32-71.14.1.el6 | kernel-headers-2.6.32-71.14.1.el6.ppc64.rpm |
RedHat | 6 | ppc64 | kernel-debug-devel | < 2.6.32-71.14.1.el6 | kernel-debug-devel-2.6.32-71.14.1.el6.ppc64.rpm |
RedHat | 6 | s390x | kernel | < 2.6.32-71.14.1.el6 | kernel-2.6.32-71.14.1.el6.s390x.rpm |
RedHat | 6 | s390x | kernel-kdump | < 2.6.32-71.14.1.el6 | kernel-kdump-2.6.32-71.14.1.el6.s390x.rpm |
RedHat | 6 | s390x | kernel-debug | < 2.6.32-71.14.1.el6 | kernel-debug-2.6.32-71.14.1.el6.s390x.rpm |
RedHat | 6 | ppc64 | kernel-debuginfo-common-ppc64 | < 2.6.32-71.14.1.el6 | kernel-debuginfo-common-ppc64-2.6.32-71.14.1.el6.ppc64.rpm |
RedHat | 6 | x86_64 | kernel-debug-debuginfo | < 2.6.32-71.14.1.el6 | kernel-debug-debuginfo-2.6.32-71.14.1.el6.x86_64.rpm |
RedHat | 6 | i686 | kernel-debug | < 2.6.32-71.14.1.el6 | kernel-debug-2.6.32-71.14.1.el6.i686.rpm |
RedHat | 6 | x86_64 | kernel-debug | < 2.6.32-71.14.1.el6 | kernel-debug-2.6.32-71.14.1.el6.x86_64.rpm |
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.9 High
CVSS2
Access Vector
ADJACENT_NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:A/AC:M/Au:N/C:C/I:C/A:C
0.006 Low
EPSS
Percentile
75.6%