Published: 30/11/2010 Updated: 13/02/2023

CVSS v2 Base Score: 4.9 | Impact Score: 6.9 | Exploitability Score: 3.9

VMScore: 495

Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C

The setup_arg_pages function in fs/exec.c in the Linux kernel prior to 2.6.36, when CONFIG_STACK_GROWSDOWN is used, does not properly restrict the stack memory consumption of the (1) arguments and (2) environment for a 32-bit application on a 64-bit platform, which allows local users to cause a denial of service (system crash) via a crafted exec system call, a related issue to CVE-2010-2240.

Vulnerable Product	Search on Vulmon	Subscribe to Product
linux linux kernel
debian debian linux 5.0
canonical ubuntu linux 10.10
canonical ubuntu linux 9.10
canonical ubuntu linux 10.04

Multiple kernel flaws ...

An attacker could send crafted input to the kernel and cause it to crash ...

Multiple kernel flaws ...

Multiple kernel flaws have been fixed ...

Multiple security flaws in Linux kernel ...

// source: wwwsecurityfocuscom/bid/44301/info /* known for over a year, fixed in grsec bug is due to a bad limit on the max size of the stack for 32bit apps on a 64bit OS Instead of them being limited to 1/4th of a 32bit address space, they're limited to 1/4th of a 64bit address space -- oops! in combination with vanilla AS ...

Ubuntu Security Notice 1202-1 - Dan Rosenberg discovered that several network ioctls did not clear kernel memory correctly A local user could exploit this to read kernel stack memory, leading to a loss of privacy Brad Spengler discovered that stack memory for new a process was not correctly calculated A local attacker could exploit this to crash ...

CWE-400 http://www.securityfocus.com/bid/44301 https://bugzilla.redhat.com/show_bug.cgi?id=645222 http://grsecurity.net/~spender/64bit_dos.c http://www.openwall.com/lists/oss-security/2010/10/22/4 http://www.exploit-db.com/exploits/15619 http://www.openwall.com/lists/oss-security/2010/10/21/1 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.36 http://www.redhat.com/support/errata/RHSA-2010-0958.html http://www.debian.org/security/2010/dsa-2126 http://www.redhat.com/support/errata/RHSA-2011-0004.html http://secunia.com/advisories/42758 http://www.mandriva.com/security/advisories?name=MDVSA-2010:257 http://www.vupen.com/english/advisories/2011/0070 http://www.ubuntu.com/usn/USN-1041-1 http://secunia.com/advisories/42789 http://www.vupen.com/english/advisories/2011/0024 http://secunia.com/advisories/46397 http://www.vmware.com/security/advisories/VMSA-2011-0012.html http://www.securityfocus.com/archive/1/520102/100/0/threaded http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=1b528181b2ffa14721fb28ad1bd539fe1732c583 https://nvd.nist.gov https://www.exploit-db.com/exploits/15619/https://usn.ubuntu.com/1072-1/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2010-3858

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

Exploits

References

Vulmon Search

About

Products

Connect