Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
seebugRootSSV:20261
HistoryNov 17, 2010 - 12:00 a.m.

Linux Kernel gdth实现内核内存破坏漏洞

2010-11-1700:00:00
Root
www.seebug.org
39

0.0004 Low

EPSS

Percentile

8.6%

JSON

CVE ID: CVE-2010-4157

Linux Kernel是开放源码操作系统Linux所使用的内核。

Linux Kernel的gdth_ioctl_alloc()函数取值大小变量为int型,而copy_from_user()函数取大小变量为无符长型。 gen.data_len和gen.sense_len为无符长型,在x86_64系统上长型为64位,int型为32位。如果用户传送了超长值的话,分配就会将大小截短为32位,分配过小的缓冲区,之后在执行copy_from_user()时可能导致内存破坏。

Linux kernel 2.6.x
厂商补丁:

Linux

目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=f63ae56e4e97fb12053590e41a4fa59e7daa74a4

Related

veracode 1
prion 1
ubuntucve 1
seebug 1
cve 1
nessus 28
redhat 3
centos 2
openvas 41
oraclelinux 3
ubuntu 8
suse 6
securityvulns 1
fedora 3
osv 1
vmware 2
packetstorm 1
veracode
veracode
Privilege Escalation
2020-04-10 00:52:52
prion
prion
Integer overflow
2010-12-10 19:00:00
ubuntucve
ubuntucve
CVE-2010-4157
2010-12-10 00:00:00
seebug
seebug
Linux Kernel 'drivers/scsi/gdth.c' IOCTL本地特权提升漏洞
2010-12-17 00:00:00
cve
cve
CVE-2010-4157
2010-12-10 19:00:00
nessus
nessus
Scientific Linux Security Update : kernel on SL4.x i386/x86_64
2012-08-01 00:00:00
RHEL 4 : kernel (RHSA-2011:0162)
2011-01-19 00:00:00
Oracle Linux 4 : kernel (ELSA-2011-0162)
2013-07-12 00:00:00
redhat
redhat
(RHSA-2011:0162) Important: kernel security and bug fix update
2011-01-18 00:00:00
(RHSA-2011:0004) Important: kernel security, bug fix, and enhancement update
2011-01-04 00:00:00
(RHSA-2010:0958) Important: kernel-rt security and bug fix update
2010-12-08 00:00:00
centos
centos
kernel security update
2011-01-27 09:25:23
kernel security update
2011-01-06 12:23:15
openvas
openvas
Ubuntu: Security Advisory (USN-1071-1)
2011-02-28 00:00:00
CentOS Update for kernel CESA-2011:0162 centos4 x86_64
2012-07-30 00:00:00
CentOS Update for kernel CESA-2011:0162 centos4 x86_64
2012-07-30 00:00:00
oraclelinux
oraclelinux
kernel security and bug fix update
2011-01-18 00:00:00
kernel security, bug fix, and enhancement update
2011-01-04 00:00:00
Oracle Linux 4.9 kernel security and bug fix update
2011-02-23 00:00:00
ubuntu
ubuntu
Linux kernel vulnerabilities
2011-02-25 00:00:00
Linux kernel vulnerabilities
2011-01-10 00:00:00
Linux kernel vulnerabilities
2011-02-25 00:00:00
suse
suse
local privilege escalation in kernel
2011-01-14 16:35:40
potential local privilege escalation in kernel
2011-01-03 15:33:25
remote denial of service in kernel
2010-12-14 13:42:46
securityvulns
securityvulns
Linux kernel multiple security vulnerabilities
2011-02-02 00:00:00
fedora
fedora
[SECURITY] Fedora 13 Update: kernel-2.6.34.7-66.fc13
2010-12-23 19:56:17
[SECURITY] Fedora 13 Update: kernel-2.6.34.8-68.fc13
2011-03-07 21:06:13
[SECURITY] Fedora 13 Update: kernel-2.6.34.9-69.fc13
2011-06-21 17:22:40
osv
osv
linux-2.6 - several issues
2010-11-26 00:00:00
vmware
vmware
VMware ESXi and ESX updates to third party libraries and ESX Service Console
2011-10-12 00:00:00
VMware ESX third party updates for Service Console packages glibc and dhcp
2011-10-12 00:00:00
packetstorm
packetstorm
Ubuntu Security Notice USN-1202-1
2011-09-14 00:00:00

0.0004 Low

EPSS

Percentile

8.6%

JSON
Related for SSV:20261
veracode1prion1ubuntucve1seebug1cve1nessus28redhat3centos2openvas41oraclelinux3ubuntu8suse6securityvulns1fedora3osv1vmware2packetstorm1