CVE-2010-2240

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2010-2240
The do_anonymous_page function in mm/memory.c in the Linux kernel before 2.6.27.52, 2.6.32.x before 2.6.32.19, 2.6.34.x before 2.6.34.4, and 2.6.35.x before 2.6.35.2 does not properly separate the stack and the heap, which allows context-dependent attackers to execute arbitrary code by writing to the bottom page of a shared memory segment, as demonstrated by a memory-exhaustion attack against the X.Org X server.

7.2 /10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:L/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 3.9 / Impact : 10.0

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References
Link Resource
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=320b2b8de12698082609ebbc1a17165727f4c893
http://lists.vmware.com/pipermail/security-announce/2011/000133.html
http://securitytracker.com/id?1024344
http://www.debian.org/security/2010/dsa-2094
http://www.invisiblethingslab.com/resources/misc-2010/xorg-large-memory-attacks.pdf Exploit
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.52
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.32.19
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.34.4
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.35.2
http://www.mandriva.com/security/advisories?name=MDVSA-2010:172
http://www.mandriva.com/security/advisories?name=MDVSA-2010:198
http://www.mandriva.com/security/advisories?name=MDVSA-2011:051
http://www.redhat.com/support/errata/RHSA-2010-0660.html
http://www.redhat.com/support/errata/RHSA-2010-0670.html
http://www.redhat.com/support/errata/RHSA-2010-0882.html
http://www.securityfocus.com/archive/1/517739/100/0/threaded
http://www.vmware.com/security/advisories/VMSA-2011-0007.html
http://www.vmware.com/security/advisories/VMSA-2011-0009.html
https://bugzilla.redhat.com/show_bug.cgi?id=606611
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13247
https://rhn.redhat.com/errata/RHSA-2010-0661.html
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=320b2b8de12698082609ebbc1a17165727f4c893
http://lists.vmware.com/pipermail/security-announce/2011/000133.html
http://securitytracker.com/id?1024344
http://www.debian.org/security/2010/dsa-2094
http://www.invisiblethingslab.com/resources/misc-2010/xorg-large-memory-attacks.pdf Exploit
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.52
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.32.19
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.34.4
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.35.2
http://www.mandriva.com/security/advisories?name=MDVSA-2010:172
http://www.mandriva.com/security/advisories?name=MDVSA-2010:198
http://www.mandriva.com/security/advisories?name=MDVSA-2011:051
http://www.redhat.com/support/errata/RHSA-2010-0660.html
http://www.redhat.com/support/errata/RHSA-2010-0670.html
http://www.redhat.com/support/errata/RHSA-2010-0882.html
http://www.securityfocus.com/archive/1/517739/100/0/threaded
http://www.vmware.com/security/advisories/VMSA-2011-0007.html
http://www.vmware.com/security/advisories/VMSA-2011-0009.html
https://bugzilla.redhat.com/show_bug.cgi?id=606611
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13247
https://rhn.redhat.com/errata/RHSA-2010-0661.html
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.32:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.32.1:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.32.2:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.32.3:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.32.4:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.32.5:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.32.6:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.32.7:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.32.8:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.32.9:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.32.10:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.32.11:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.32.12:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.32.13:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.32.14:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.32.15:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.32.16:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.32.17:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.32.18:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.34.1:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.34.2:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.34.3:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.35.1:*:*:*:*:*:*:*
History

21 Nov 2024, 01:16

Type Values Removed Values Added
References () http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=320b2b8de12698082609ebbc1a17165727f4c893 - () http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=320b2b8de12698082609ebbc1a17165727f4c893 -
References () http://lists.vmware.com/pipermail/security-announce/2011/000133.html - () http://lists.vmware.com/pipermail/security-announce/2011/000133.html -
References () http://securitytracker.com/id?1024344 - () http://securitytracker.com/id?1024344 -
References () http://www.debian.org/security/2010/dsa-2094 - () http://www.debian.org/security/2010/dsa-2094 -
References () http://www.invisiblethingslab.com/resources/misc-2010/xorg-large-memory-attacks.pdf - Exploit () http://www.invisiblethingslab.com/resources/misc-2010/xorg-large-memory-attacks.pdf - Exploit
References () http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.52 - () http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.52 -
References () http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.32.19 - () http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.32.19 -
References () http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.34.4 - () http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.34.4 -
References () http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.35.2 - () http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.35.2 -
References () http://www.mandriva.com/security/advisories?name=MDVSA-2010:172 - () http://www.mandriva.com/security/advisories?name=MDVSA-2010:172 -
References () http://www.mandriva.com/security/advisories?name=MDVSA-2010:198 - () http://www.mandriva.com/security/advisories?name=MDVSA-2010:198 -
References () http://www.mandriva.com/security/advisories?name=MDVSA-2011:051 - () http://www.mandriva.com/security/advisories?name=MDVSA-2011:051 -
References () http://www.redhat.com/support/errata/RHSA-2010-0660.html - () http://www.redhat.com/support/errata/RHSA-2010-0660.html -
References () http://www.redhat.com/support/errata/RHSA-2010-0670.html - () http://www.redhat.com/support/errata/RHSA-2010-0670.html -
References () http://www.redhat.com/support/errata/RHSA-2010-0882.html - () http://www.redhat.com/support/errata/RHSA-2010-0882.html -
References () http://www.securityfocus.com/archive/1/517739/100/0/threaded - () http://www.securityfocus.com/archive/1/517739/100/0/threaded -
References () http://www.vmware.com/security/advisories/VMSA-2011-0007.html - () http://www.vmware.com/security/advisories/VMSA-2011-0007.html -
References () http://www.vmware.com/security/advisories/VMSA-2011-0009.html - () http://www.vmware.com/security/advisories/VMSA-2011-0009.html -
References () https://bugzilla.redhat.com/show_bug.cgi?id=606611 - () https://bugzilla.redhat.com/show_bug.cgi?id=606611 -
References () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13247 - () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13247 -
References () https://rhn.redhat.com/errata/RHSA-2010-0661.html - () https://rhn.redhat.com/errata/RHSA-2010-0661.html -
Information

Published : 2010-09-03 20:00

Updated : 2024-11-21 01:16

NVD link : CVE-2010-2240

Mitre link : CVE-2010-2240

CVE.ORG link : CVE-2010-2240

JSON object : View

Products Affected

linux

  • linux_kernel
CWE
CWE-94

Improper Control of Generation of Code ('Code Injection')


NetmanageIT Website NetmanageIT OSINT Web NetmanageIT OpenCTI NetmanageIT PDF Tools NetmanageIT CTO Corner Blog NetmanageIT Email Header Analyzer NetmanageIT Password Pusher NetmanageIT Internet Health and Latency Dashboard NetmanageIT Dedicated Speed Test Site NetmanageIT Ubuntu Mirror 10Gbps Copyright OpenCVE 2024