Описание
The load_elf_binary function in fs/binfmt_elf.c in the Linux kernel before 2.6.32.8 on the x86_64 platform does not ensure that the ELF interpreter is available before a call to the SET_PERSONALITY macro, which allows local users to cause a denial of service (system crash) via a 32-bit application that attempts to execute a 64-bit application and then triggers a segmentation fault, as demonstrated by amd64_killer, related to the flush_old_exec function.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | not-affected | |
| hardy | released | 2.6.24-27.68 |
| intrepid | released | 2.6.27-17.46 |
| jaunty | released | 2.6.28-18.60 |
| karmic | released | 2.6.31-20.58 |
| upstream | released | 2.6.33~rc7 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | released | 2.6.15-55.83 |
| devel | DNE | |
| hardy | DNE | |
| intrepid | DNE | |
| jaunty | DNE | |
| karmic | DNE | |
| upstream | released | 2.6.33~rc7 |
Показывать по
EPSS
4.7 Medium
CVSS2
Связанные уязвимости
The load_elf_binary function in fs/binfmt_elf.c in the Linux kernel before 2.6.32.8 on the x86_64 platform does not ensure that the ELF interpreter is available before a call to the SET_PERSONALITY macro, which allows local users to cause a denial of service (system crash) via a 32-bit application that attempts to execute a 64-bit application and then triggers a segmentation fault, as demonstrated by amd64_killer, related to the flush_old_exec function.
The load_elf_binary function in fs/binfmt_elf.c in the Linux kernel before 2.6.32.8 on the x86_64 platform does not ensure that the ELF interpreter is available before a call to the SET_PERSONALITY macro, which allows local users to cause a denial of service (system crash) via a 32-bit application that attempts to execute a 64-bit application and then triggers a segmentation fault, as demonstrated by amd64_killer, related to the flush_old_exec function.
The load_elf_binary function in fs/binfmt_elf.c in the Linux kernel be ...
The load_elf_binary function in fs/binfmt_elf.c in the Linux kernel before 2.6.32.8 on the x86_64 platform does not ensure that the ELF interpreter is available before a call to the SET_PERSONALITY macro, which allows local users to cause a denial of service (system crash) via a 32-bit application that attempts to execute a 64-bit application and then triggers a segmentation fault, as demonstrated by amd64_killer, related to the flush_old_exec function.
ELSA-2010-0398: kernel security and bug fix update (IMPORTANT)
EPSS
4.7 Medium
CVSS2