Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
seebugRootSSV:20357
HistoryMar 03, 2011 - 12:00 a.m.

Linux Kernel "ib_uverbs_poll_cq()"整数溢出漏洞

2011-03-0300:00:00
Root
www.seebug.org
40

0.0004 Low

EPSS

Percentile

5.7%

JSON

BUGTRAQ ID: 46073
CVE ID: CVE-2010-4649

Linux Kernel是开放源码操作系统Linux所使用的内核。

Linux Kernel的"ib_uverbs_poll_cq()"在实现上存在整数溢出漏洞,攻击者可利用此漏洞以提升的权限执行任意代码,使受影响内核崩溃,拒绝服务合法用户。

如果用户空间计入较大的cmd.ne,ib_uverbs_poll_cq()代码会出现整数溢出。对kmalloc()的调用将分配较小的缓冲区,导致内存破坏。如果没有使用完resp,也会造成信息泄露。虽然目前仅存在使用此函数的RDMA设备,无权限用户空间也将调用此函数。

Debian Linux 5.0 x
Linux kernel 2.6.x
Ubuntu Linux 10.04
厂商补丁:

Debian

目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:

http://www.debian.org/security/

Linux

目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:

http://www.kernel.org/

Related

veracode 1
ubuntucve 2
prion 2
cve 2
nessus 29
suse 3
openvas 41
oraclelinux 4
redhat 4
ubuntu 8
fedora 3
centos 1
osv 1
securityvulns 2
debian 1
vmware 2
packetstorm 1
veracode
veracode
Privilege Escalation
2020-04-10 01:00:31
ubuntucve
ubuntucve
CVE-2010-4649
2011-02-18 00:00:00
CVE-2011-1044
2011-02-18 00:00:00
prion
prion
Integer overflow
2011-02-18 20:00:00
Design/Logic Flaw
2011-02-18 20:00:00
cve
cve
CVE-2010-4649
2011-02-18 20:00:00
CVE-2011-1044
2011-02-18 20:00:00
nessus
nessus
Fedora 14 : kernel-2.6.35.11-83.fc14 (2011-1138)
2011-02-11 00:00:00
SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 8324)
2012-10-24 00:00:00
SUSE SLED10 / SLES10 Security Update : kernel (SUSE-SU-2012:1391-1)
2015-05-20 00:00:00
suse
suse
Security update for Linux kernel (important)
2012-10-24 09:08:54
local privilege escalation, remote denial of in kernel
2011-04-18 14:12:03
remote denial of service in kernel
2011-04-28 13:57:06
openvas
openvas
Ubuntu Update for linux-ec2 vulnerabilities USN-1080-2
2011-03-07 00:00:00
Ubuntu Update for linux vulnerabilities USN-1080-1
2011-03-07 00:00:00
Ubuntu Update for linux vulnerabilities USN-1080-1
2011-03-07 00:00:00
oraclelinux
oraclelinux
Oracle Linux 6 Unbreakable Enterprise kernel security fix update
2011-05-11 00:00:00
kernel security and bug fix update
2011-07-18 00:00:00
kernel security, bug fix, and enhancement update
2011-05-10 00:00:00
redhat
redhat
(RHSA-2011:0498) Important: kernel security, bug fix, and enhancement update
2011-05-10 00:00:00
(RHSA-2011:0927) Important: kernel security and bug fix update
2011-07-15 00:00:00
(RHSA-2011:0330) Important: kernel-rt security and bug fix update
2011-03-10 00:00:00
ubuntu
ubuntu
Linux kernel vulnerabilities
2011-03-01 00:00:00
Linux kernel vulnerabilities
2011-08-09 00:00:00
Linux kernel vulnerabilities
2011-03-02 00:00:00
fedora
fedora
[SECURITY] Fedora 14 Update: kernel-2.6.35.11-83.fc14
2011-02-10 21:27:10
[SECURITY] Fedora 13 Update: kernel-2.6.34.8-68.fc13
2011-03-07 21:06:13
[SECURITY] Fedora 13 Update: kernel-2.6.34.9-69.fc13
2011-06-21 17:22:40
centos
centos
kernel security update
2011-07-18 21:33:40
osv
osv
linux-2.6 - several issues
2011-01-30 00:00:00
securityvulns
securityvulns
[SECURITY] [DSA 2153-1] linux-2.6 security update
2011-02-02 00:00:00
Linux kernel multiple security vulnerabilities
2011-02-02 00:00:00
debian
debian
[SECURITY] [DSA 2153-1] linux-2.6 security update
2011-01-30 06:42:05
vmware
vmware
VMware ESXi and ESX updates to third party library and ESX Service Console
2012-01-30 00:00:00
VMware ESXi and ESX updates to third party library and ESX Service Console
2012-01-30 00:00:00
packetstorm
packetstorm
Ubuntu Security Notice USN-1202-1
2011-09-14 00:00:00

0.0004 Low

EPSS

Percentile

5.7%

JSON
Related for SSV:20357
veracode1ubuntucve2prion2cve2nessus29suse3openvas41oraclelinux4redhat4ubuntu8fedora3centos1osv1securityvulns2debian1vmware2packetstorm1