Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2010-3301

Опубликовано: 22 сент. 2010
Источник: ubuntu
Приоритет: high
EPSS Низкий
CVSS2: 7.2

Описание

The IA32 system call emulation functionality in arch/x86/ia32/ia32entry.S in the Linux kernel before 2.6.36-rc4-git2 on the x86_64 platform does not zero extend the %eax register after the 32-bit entry path to ptrace is used, which allows local users to gain privileges by triggering an out-of-bounds access to the system call table using the %rax register. NOTE: this vulnerability exists because of a CVE-2007-4573 regression.

РелизСтатусПримечание
dapper

DNE

devel

not-affected

hardy

not-affected

jaunty

released

2.6.28-19.65
karmic

released

2.6.31-22.65
lucid

released

2.6.32-24.43
maverick

released

2.6.35-22.32
upstream

released

2.6.36~rc5

Показывать по

РелизСтатусПримечание
dapper

DNE

devel

DNE

hardy

DNE

jaunty

DNE

karmic

released

2.6.31-307.23
lucid

released

2.6.32-311.23
maverick

not-affected

binary packages replaced
upstream

released

2.6.36~rc5

Показывать по

РелизСтатусПримечание
dapper

DNE

devel

DNE

hardy

DNE

karmic

released

2.6.31-112.30
lucid

released

2.6.31-608.22
maverick

DNE

upstream

released

2.6.36~rc5

Показывать по

РелизСтатусПримечание
dapper

DNE

devel

DNE

hardy

DNE

karmic

DNE

lucid

released

2.6.35-25.44~lucid1
maverick

DNE

upstream

released

2.6.36~rc5

Показывать по

РелизСтатусПримечание
dapper

not-affected

devel

DNE

hardy

DNE

jaunty

DNE

karmic

DNE

lucid

DNE

maverick

DNE

upstream

released

2.6.36~rc5

Показывать по

Ссылки на источники

EPSS

Процентиль: 90%
0.05507
Низкий

7.2 High

CVSS2

Связанные уязвимости

redhat логотип

CVE-2010-3301

redhat
почти 15 лет назад

The IA32 system call emulation functionality in arch/x86/ia32/ia32entry.S in the Linux kernel before 2.6.36-rc4-git2 on the x86_64 platform does not zero extend the %eax register after the 32-bit entry path to ptrace is used, which allows local users to gain privileges by triggering an out-of-bounds access to the system call table using the %rax register. NOTE: this vulnerability exists because of a CVE-2007-4573 regression.

nvd логотип

CVE-2010-3301

nvd
больше 14 лет назад

The IA32 system call emulation functionality in arch/x86/ia32/ia32entry.S in the Linux kernel before 2.6.36-rc4-git2 on the x86_64 platform does not zero extend the %eax register after the 32-bit entry path to ptrace is used, which allows local users to gain privileges by triggering an out-of-bounds access to the system call table using the %rax register. NOTE: this vulnerability exists because of a CVE-2007-4573 regression.

debian логотип

CVE-2010-3301

debian
больше 14 лет назад

The IA32 system call emulation functionality in arch/x86/ia32/ia32entr ...

github логотип

GHSA-79mw-6jhw-7997

github
около 3 лет назад

The IA32 system call emulation functionality in arch/x86/ia32/ia32entry.S in the Linux kernel before 2.6.36-rc4-git2 on the x86_64 platform does not zero extend the %eax register after the 32-bit entry path to ptrace is used, which allows local users to gain privileges by triggering an out-of-bounds access to the system call table using the %rax register. NOTE: this vulnerability exists because of a CVE-2007-4573 regression.

oracle-oval логотип

ELSA-2011-0007

oracle-oval
больше 14 лет назад

ELSA-2011-0007: kernel security and bug fix update (IMPORTANT)

EPSS

Процентиль: 90%
0.05507
Низкий

7.2 High

CVSS2

Уязвимость CVE-2010-3301