mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-07-29 05:56:17 +00:00
279 lines
10 KiB
JSON
279 lines
10 KiB
JSON
{
|
|
"id": "CVE-2010-2240",
|
|
"sourceIdentifier": "secalert@redhat.com",
|
|
"published": "2010-09-03T20:00:03.560",
|
|
"lastModified": "2023-02-13T04:21:01.603",
|
|
"vulnStatus": "Modified",
|
|
"cveTags": [],
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "The do_anonymous_page function in mm/memory.c in the Linux kernel before 2.6.27.52, 2.6.32.x before 2.6.32.19, 2.6.34.x before 2.6.34.4, and 2.6.35.x before 2.6.35.2 does not properly separate the stack and the heap, which allows context-dependent attackers to execute arbitrary code by writing to the bottom page of a shared memory segment, as demonstrated by a memory-exhaustion attack against the X.Org X server."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "La funci\u00f3n do_anonymous_page en mm/memory.c en el kernel de Linux anterior v2.6.27.52, v2.6.32.x anterior v2.6.32.19, v2.6.34.x anterior v2.6.34.4, y v2.6.35.x anterior v2.6.35.2 no separa adecuadamente la pila y la cabecera, lo que permite a atacantes dependientes del contexto ejecutar c\u00f3digo de su elecci\u00f3n por escritura en el final de la p\u00e1gina de un segmento de memoria compartida, como qued\u00f3 demostrado con un ataque de memoria exhaustiva contra el servidor X.Org X."
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV2": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "2.0",
|
|
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
|
|
"accessVector": "LOCAL",
|
|
"accessComplexity": "LOW",
|
|
"authentication": "NONE",
|
|
"confidentialityImpact": "COMPLETE",
|
|
"integrityImpact": "COMPLETE",
|
|
"availabilityImpact": "COMPLETE",
|
|
"baseScore": 7.2
|
|
},
|
|
"baseSeverity": "HIGH",
|
|
"exploitabilityScore": 3.9,
|
|
"impactScore": 10.0,
|
|
"acInsufInfo": false,
|
|
"obtainAllPrivilege": false,
|
|
"obtainUserPrivilege": false,
|
|
"obtainOtherPrivilege": false,
|
|
"userInteractionRequired": false
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "CWE-94"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
|
|
"versionEndIncluding": "2.6.27.51",
|
|
"matchCriteriaId": "AEA6DA66-4F42-4F29-A2C6-D65ABA86BEFE"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.32:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "46568A0D-F374-4DAB-9B64-FCC74A9AA07B"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.32.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "084A2575-E5A6-43BD-8CE5-1EF628AA9ACB"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.32.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "041CE8AF-711C-496D-BDF2-B4AB655C0C8D"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.32.3:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "FE192302-F569-4301-83F2-AEE020FB77B9"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.32.4:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "2597A691-01B8-4FD2-AF71-D4BCC15C6F10"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.32.5:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "533A03F0-D7C4-42EF-BAD7-2B5A9A9D68EC"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.32.6:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "EDBA84AD-CB87-418B-BBF7-8E910FB8FD5D"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.32.7:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "A0FA9FA7-3BE3-415B-AA06-A2401B2AD8DC"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.32.8:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "A93EFB49-0195-4471-9445-DA944CD55459"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.32.9:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "075C2C0A-E5E7-412C-9B28-3E3363A2DF05"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.32.10:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "534281D8-EAEB-4E78-8835-E6BA318BE866"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.32.11:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "192A8675-4413-4ADD-BF9E-DFD757C76387"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.32.12:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "1E15D428-B54A-499D-8677-63C73A2C2934"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.32.13:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "8804EC33-1751-4493-98D7-B85F326ABAD1"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.32.14:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "BC94715E-208F-421E-8FCA-81E86175C983"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.32.15:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "982071FC-873D-4C38-817B-F5853699135D"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.32.16:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "6B721839-AB4C-4DE7-834F-E790DE770066"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.32.17:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "75965543-51D3-4809-8815-EA80BAC85C98"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.32.18:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "4CEC8F08-EE90-41CA-A30F-D34290168571"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.34.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "B39BF614-85CD-4C6A-877C-724FB6F5B125"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.34.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "DD31EA80-D021-4E47-8FB0-E1F23E379EA7"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.34.3:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "0C683054-0275-4A92-B003-9C9A5A03B6E2"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.35.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "D2CD9FB1-AB83-427A-8923-97ED7ADFD63D"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=320b2b8de12698082609ebbc1a17165727f4c893",
|
|
"source": "secalert@redhat.com"
|
|
},
|
|
{
|
|
"url": "http://lists.vmware.com/pipermail/security-announce/2011/000133.html",
|
|
"source": "secalert@redhat.com"
|
|
},
|
|
{
|
|
"url": "http://securitytracker.com/id?1024344",
|
|
"source": "secalert@redhat.com"
|
|
},
|
|
{
|
|
"url": "http://www.debian.org/security/2010/dsa-2094",
|
|
"source": "secalert@redhat.com"
|
|
},
|
|
{
|
|
"url": "http://www.invisiblethingslab.com/resources/misc-2010/xorg-large-memory-attacks.pdf",
|
|
"source": "secalert@redhat.com",
|
|
"tags": [
|
|
"Exploit"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.52",
|
|
"source": "secalert@redhat.com"
|
|
},
|
|
{
|
|
"url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.32.19",
|
|
"source": "secalert@redhat.com"
|
|
},
|
|
{
|
|
"url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.34.4",
|
|
"source": "secalert@redhat.com"
|
|
},
|
|
{
|
|
"url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.35.2",
|
|
"source": "secalert@redhat.com"
|
|
},
|
|
{
|
|
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:172",
|
|
"source": "secalert@redhat.com"
|
|
},
|
|
{
|
|
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:198",
|
|
"source": "secalert@redhat.com"
|
|
},
|
|
{
|
|
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:051",
|
|
"source": "secalert@redhat.com"
|
|
},
|
|
{
|
|
"url": "http://www.redhat.com/support/errata/RHSA-2010-0660.html",
|
|
"source": "secalert@redhat.com"
|
|
},
|
|
{
|
|
"url": "http://www.redhat.com/support/errata/RHSA-2010-0670.html",
|
|
"source": "secalert@redhat.com"
|
|
},
|
|
{
|
|
"url": "http://www.redhat.com/support/errata/RHSA-2010-0882.html",
|
|
"source": "secalert@redhat.com"
|
|
},
|
|
{
|
|
"url": "http://www.securityfocus.com/archive/1/517739/100/0/threaded",
|
|
"source": "secalert@redhat.com"
|
|
},
|
|
{
|
|
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0007.html",
|
|
"source": "secalert@redhat.com"
|
|
},
|
|
{
|
|
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0009.html",
|
|
"source": "secalert@redhat.com"
|
|
},
|
|
{
|
|
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=606611",
|
|
"source": "secalert@redhat.com"
|
|
},
|
|
{
|
|
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13247",
|
|
"source": "secalert@redhat.com"
|
|
},
|
|
{
|
|
"url": "https://rhn.redhat.com/errata/RHSA-2010-0661.html",
|
|
"source": "secalert@redhat.com"
|
|
}
|
|
]
|
|
} |