CVE-2010-0623

Опубликовано: 15 фев. 2010

Источник: nvd

CVSS2: 4.9

EPSS Низкий

Описание

The futex_lock_pi function in kernel/futex.c in the Linux kernel before 2.6.33-rc7 does not properly manage a certain reference count, which allows local users to cause a denial of service (OOPS) via vectors involving an unmount of an ext3 filesystem.

Ссылки

http://bugzilla.kernel.org/show_bug.cgi?id=14256
Issue Tracking
Patch
Vendor Advisory
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=5ecb01cfdf96c5f465192bdb2a4fd4a61a24c6cc
http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00006.html
Mailing List
Third Party Advisory
http://secunia.com/advisories/38922
Third Party Advisory
http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.33-rc7
Broken Link
http://www.mandriva.com/security/advisories?name=MDVSA-2010:088
Third Party Advisory
http://www.openwall.com/lists/oss-security/2010/02/11/2
Mailing List
Third Party Advisory
http://www.ubuntu.com/usn/USN-914-1
Third Party Advisory
http://www.vupen.com/english/advisories/2010/0638
Third Party Advisory
http://bugzilla.kernel.org/show_bug.cgi?id=14256
Issue Tracking
Patch
Vendor Advisory
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=5ecb01cfdf96c5f465192bdb2a4fd4a61a24c6cc
http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00006.html
Mailing List
Third Party Advisory
http://secunia.com/advisories/38922
Third Party Advisory
http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.33-rc7
Broken Link
http://www.mandriva.com/security/advisories?name=MDVSA-2010:088
Third Party Advisory
http://www.openwall.com/lists/oss-security/2010/02/11/2
Mailing List
Third Party Advisory
http://www.ubuntu.com/usn/USN-914-1
Third Party Advisory
http://www.vupen.com/english/advisories/2010/0638
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия до 2.6.33 (исключая)

cpe:2.3:o:linux:linux_kernel:2.6.33:-:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.33:rc1:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.33:rc2:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.33:rc3:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.33:rc4:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.33:rc5:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:2.6.33:rc6:*:*:*:*:*:*

Конфигурация 2

cpe:2.3:o:opensuse:opensuse:11.2:*:*:*:*:*:*:*

Конфигурация 3

Одно из

cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:8.10:*:*:*:*:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:9.04:*:*:*:*:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*

EPSS

Процентиль: 15%

0.00047

Низкий

4.9 Medium

CVSS2

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

CVE-2010-0623

ubuntu

почти 16 лет назад

CVE-2010-0623

redhat

почти 16 лет назад

CVE-2010-0623

debian

почти 16 лет назад

The futex_lock_pi function in kernel/futex.c in the Linux kernel befor ...

GHSA-h4hr-vrvh-q8pp

github

больше 3 лет назад

EPSS

Процентиль: 15%

0.00047

Низкий

4.9 Medium

CVSS2

Дефекты

NVD-CWE-noinfo