(RHSA-2011:0007) Important: kernel security and bug fix update

Red Hat, RHSA-2011:0007
Jan 11, 2011 - 12:00 a.m. (2011-01-11 00:00:00)
access.redhat.com

CVSS3: 7.8 High
  Attack Vector: LOCAL
  Attack Complexity: LOW
  Privileges Required: LOW
  User Interaction: NONE
  Scope: UNCHANGED
  Confidentiality Impact: HIGH
  Integrity Impact: HIGH
  Availability Impact: HIGH
  Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVSS2: 7.9 High
  Access Vector: ADJACENT_NETWORK
  Access Complexity: MEDIUM
  Authentication: NONE
  Confidentiality Impact: COMPLETE
  Integrity Impact: COMPLETE
  Availability Impact: COMPLETE
  Vector: AV:A/AC:M/Au:N/C:C/I:C/A:C

EPSS: 0.006 Low
  Percentile: 75.6%

  • Buffer overflow in eCryptfs. When /dev/ecryptfs has world writable
    permissions (which it does not, by default, on Red Hat Enterprise Linux 6),
    a local, unprivileged user could use this flaw to cause a denial of service
    or possibly escalate their privileges. (CVE-2010-2492, Important)

  • Integer overflow in the RDS protocol implementation could allow a local,
    unprivileged user to cause a denial of service or escalate their
    privileges. (CVE-2010-3865, Important)

  • Missing boundary checks in the PPP over L2TP sockets implementation could
    allow a local, unprivileged user to cause a denial of service or escalate
    their privileges. (CVE-2010-4160, Important)

  • NULL pointer dereference in the igb driver. If both Single Root I/O
    Virtualization (SR-IOV) and promiscuous mode were enabled on an interface
    using igb, it could result in a denial of service when a tagged VLAN packet
    is received on that interface. (CVE-2010-4263, Important)

  • Missing initialization flaw in the XFS file system implementation, and in
    the network traffic policing implementation, could allow a local,
    unprivileged user to cause an information leak. (CVE-2010-3078,
    CVE-2010-3477, Moderate)

  • NULL pointer dereference in the Open Sound System compatible sequencer
    driver could allow a local, unprivileged user with access to /dev/sequencer
    to cause a denial of service. /dev/sequencer is only accessible to root and
    users in the audio group by default. (CVE-2010-3080, Moderate)

  • Flaw in the ethtool IOCTL handler could allow a local user to cause an
    information leak. (CVE-2010-3861, Moderate)

  • Flaw in bcm_connect() in the Controller Area Network (CAN) Broadcast
    Manager. On 64-bit systems, writing the socket address may overflow the
    procname character array. (CVE-2010-3874, Moderate)

  • Flaw in the module for monitoring the sockets of INET transport
    protocols could allow a local, unprivileged user to cause a denial of
    service. (CVE-2010-3880, Moderate)

  • Missing boundary checks in the block layer implementation could allow a
    local, unprivileged user to cause a denial of service. (CVE-2010-4162,
    CVE-2010-4163, CVE-2010-4668, Moderate)

  • NULL pointer dereference in the Bluetooth HCI UART driver could allow a
    local, unprivileged user to cause a denial of service. (CVE-2010-4242,
    Moderate)

  • Flaw in the Linux kernel CPU time clocks implementation for the POSIX
    clock interface could allow a local, unprivileged user to cause a denial of
    service. (CVE-2010-4248, Moderate)

  • Flaw in the garbage collector for AF_UNIX sockets could allow a local,
    unprivileged user to trigger a denial of service. (CVE-2010-4249, Moderate)

  • Missing upper bound integer check in the AIO implementation could allow a
    local, unprivileged user to cause an information leak. (CVE-2010-3067, Low)

  • Missing initialization flaws could lead to information leaks.
    (CVE-2010-3298, CVE-2010-3876, CVE-2010-4072, CVE-2010-4073, CVE-2010-4074,
    CVE-2010-4075, CVE-2010-4077, CVE-2010-4079, CVE-2010-4080, CVE-2010-4081,
    CVE-2010-4082, CVE-2010-4083, CVE-2010-4158, Low)

  • Missing initialization flaw in KVM could allow a privileged host user
    with access to /dev/kvm to cause an information leak. (CVE-2010-4525, Low)
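
Several items above depend on who can reach a device node (/dev/ecryptfs, /dev/sequencer, /dev/kvm). The following check of those nodes' "other" permission bits is an added example, not part of the Red Hat advisory; the function names are hypothetical and GNU stat (coreutils) is assumed.

```shell
#!/bin/sh
# Added example: audit the device nodes this advisory names as preconditions.
# Assumption: GNU stat (coreutils), as shipped on Red Hat Enterprise Linux.

# Print the "other" permission digit (0-7) of a path.
other_bits() {
    mode=$(stat -c '%a' "$1" 2>/dev/null) || return 1
    # Last character of the octal mode is the "other" digit.
    echo "${mode#"${mode%?}"}"
}

# Classify a node as: absent, unknown, restricted,
# world-accessible (read/execute for others) or world-writable.
classify_node() {
    [ -e "$1" ] || { echo absent; return 0; }
    o=$(other_bits "$1") || { echo unknown; return 0; }
    if [ $((o & 2)) -ne 0 ]; then
        echo world-writable
    elif [ "$o" -ne 0 ]; then
        echo world-accessible
    else
        echo restricted
    fi
}

# Print one report line per node.
audit_nodes() {
    for node in "$@"; do
        printf '%-16s %s\n' "$node" "$(classify_node "$node")"
    done
}

# Nodes named in the advisory text:
#   /dev/ecryptfs  - CVE-2010-2492 needs it world-writable
#   /dev/sequencer - CVE-2010-3080 needs access to it
#   /dev/kvm       - CVE-2010-4525 needs access to it
audit_nodes /dev/ecryptfs /dev/sequencer /dev/kvm
```

Only the "other" bits are examined; group membership (such as the audio group for /dev/sequencer) and ACLs need a separate review.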

Red Hat would like to thank Andre Osterhues for reporting CVE-2010-2492;
Thomas Pollet for reporting CVE-2010-3865; Dan Rosenberg for reporting
CVE-2010-4160, CVE-2010-3078, CVE-2010-3874, CVE-2010-4162, CVE-2010-4163,
CVE-2010-3298, CVE-2010-4073, CVE-2010-4074, CVE-2010-4075, CVE-2010-4077,
CVE-2010-4079, CVE-2010-4080, CVE-2010-4081, CVE-2010-4082, CVE-2010-4083,
and CVE-2010-4158; Kosuke Tatsukawa for reporting CVE-2010-4263; Tavis
Ormandy for reporting CVE-2010-3080 and CVE-2010-3067; Kees Cook for
reporting CVE-2010-3861 and CVE-2010-4072; Nelson Elhage for reporting
CVE-2010-3880; Alan Cox for reporting CVE-2010-4242; Vegard Nossum for
reporting CVE-2010-4249; Vasiliy Kulikov for reporting CVE-2010-3876; and
Stephan Mueller of atsec information security for reporting CVE-2010-4525.
