CVE-2010-0307

Linux Kernel < 2.6.32.8 - Denial of Service


Description

The load_elf_binary function in fs/binfmt_elf.c in the Linux kernel before 2.6.32.8 on the x86_64 platform does not ensure that the ELF interpreter is available before a call to the SET_PERSONALITY macro, which allows local users to cause a denial of service (system crash) via a 32-bit application that attempts to execute a 64-bit application and then triggers a segmentation fault, as demonstrated by amd64_killer, related to the flush_old_exec function.

Exploits (1)

exploitdb WRITEUP VERIFIED
by Mathias Krause · text · dos · linux_x86-64
https://www.exploit-db.com/exploits/33585

References (29)

Core References
Mailing List, Third Party Advisory mailing-list x_refsource_mlist
http://www.openwall.com/lists/oss-security/2010/02/01/5
Third Party Advisory vendor-advisory x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-914-1
Issue Tracking, Third Party Advisory x_refsource_confirm
https://bugzilla.redhat.com/show_bug.cgi?id=560547
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2010/0638
Mailing List, Third Party Advisory mailing-list x_refsource_mlist
http://www.openwall.com/lists/oss-security/2010/02/04/1
Third Party Advisory vendor-advisory x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2010-0771.html
Third Party Advisory vendor-advisory x_refsource_redhat
https://rhn.redhat.com/errata/RHSA-2010-0146.html
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/38779
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/39649
Mailing List, Third Party Advisory vendor-advisory x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00000.html
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/38922
Mailing List, Third Party Advisory x_refsource_confirm
http://marc.info/?t=126466700200002&r=1&w=2
Third Party Advisory vendor-advisory x_refsource_debian
http://www.debian.org/security/2010/dsa-1996
Mailing List, Third Party Advisory vendor-advisory x_refsource_fedora
http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035159.html
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/43315
Mailing List, Third Party Advisory mailing-list x_refsource_mlist
http://marc.info/?l=linux-mm&m=126466407724382&w=2
Third Party Advisory vendor-advisory x_refsource_mandriva
http://www.mandriva.com/security/advisories?name=MDVSA-2010:066
Third Party Advisory vendor-advisory x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2010-0398.html
Mailing List, Third Party Advisory mailing-list x_refsource_mlist
http://www.openwall.com/lists/oss-security/2010/02/04/9
Third Party Advisory x_refsource_confirm
http://www.vmware.com/security/advisories/VMSA-2011-0003.html
Mailing List, Third Party Advisory mailing-list x_refsource_mlist
http://www.openwall.com/lists/oss-security/2010/02/01/1
Third Party Advisory x_refsource_confirm
http://support.avaya.com/css/P8/documents/100088287
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/516397/100/0/threaded
Exploit, Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/38027
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/38492

Scores

EPSS 0.0029
EPSS Percentile 52.5%

Details

Status published
Products (8)
canonical/ubuntu_linux 6.06
canonical/ubuntu_linux 8.04
canonical/ubuntu_linux 8.10
canonical/ubuntu_linux 9.04
canonical/ubuntu_linux 9.10
debian/debian_linux 4.0
debian/debian_linux 5.0
linux/linux_kernel < 2.6.32.8
Published Feb 17, 2010
Tracked Since Feb 18, 2026