Описание
The setup_arg_pages function in fs/exec.c in the Linux kernel before 2.6.36, when CONFIG_STACK_GROWSDOWN is used, does not properly restrict the stack memory consumption of the (1) arguments and (2) environment for a 32-bit application on a 64-bit platform, which allows local users to cause a denial of service (system crash) via a crafted exec system call, a related issue to CVE-2010-2240.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | not-affected | 2.6.39-0.0 |
| hardy | released | 2.6.24-28.82 |
| jaunty | ignored | end of life |
| karmic | released | 2.6.31-22.70 |
| lucid | released | 2.6.32-27.49 |
| maverick | released | 2.6.35-24.42 |
| natty | not-affected | 2.6.37-2.9 |
| upstream | released | 2.6.36~rc4 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | DNE | |
| hardy | DNE | |
| jaunty | DNE | |
| karmic | released | 2.6.31-307.23 |
| lucid | released | 2.6.32-311.22 |
| maverick | ignored | end of life |
| natty | DNE | |
| upstream | released | 2.6.36~rc4 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | DNE | |
| hardy | DNE | |
| karmic | released | 2.6.31-112.30 |
| lucid | released | 2.6.31-608.21 |
| maverick | DNE | |
| natty | DNE | |
| upstream | released | 2.6.36~rc4 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | DNE | |
| hardy | DNE | |
| jaunty | DNE | |
| karmic | DNE | |
| lucid | released | 2.6.35-25.44~lucid1 |
| maverick | DNE | |
| natty | DNE | |
| upstream | released | 2.6.36~rc4 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| hardy | DNE | |
| lucid | not-affected | 2.6.38-1.27~lucid1 |
| maverick | DNE | |
| natty | DNE | |
| upstream | released | 2.6.36~rc4 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | DNE | |
| hardy | DNE | |
| karmic | ignored | end of life |
| lucid | released | 2.6.32-213.29 |
| maverick | released | 2.6.32-414.30 |
| natty | DNE | |
| upstream | released | 2.6.36~rc4 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | not-affected | |
| devel | DNE | |
| hardy | DNE | |
| jaunty | DNE | |
| karmic | DNE | |
| lucid | DNE | |
| maverick | DNE | |
| natty | DNE | |
| upstream | released | 2.6.36~rc4 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | not-affected | 2.6.38-1309.13 |
| hardy | DNE | |
| karmic | DNE | |
| lucid | DNE | |
| maverick | released | 2.6.35-903.23 |
| natty | not-affected | 2.6.38-1201.2 |
| upstream | released | 2.6.36~rc4 |
Показывать по
Ссылки на источники
EPSS
4.9 Medium
CVSS2
Связанные уязвимости
The setup_arg_pages function in fs/exec.c in the Linux kernel before 2.6.36, when CONFIG_STACK_GROWSDOWN is used, does not properly restrict the stack memory consumption of the (1) arguments and (2) environment for a 32-bit application on a 64-bit platform, which allows local users to cause a denial of service (system crash) via a crafted exec system call, a related issue to CVE-2010-2240.
The setup_arg_pages function in fs/exec.c in the Linux kernel before 2.6.36, when CONFIG_STACK_GROWSDOWN is used, does not properly restrict the stack memory consumption of the (1) arguments and (2) environment for a 32-bit application on a 64-bit platform, which allows local users to cause a denial of service (system crash) via a crafted exec system call, a related issue to CVE-2010-2240.
The setup_arg_pages function in fs/exec.c in the Linux kernel before 2 ...
The setup_arg_pages function in fs/exec.c in the Linux kernel before 2.6.36, when CONFIG_STACK_GROWSDOWN is used, does not properly restrict the stack memory consumption of the (1) arguments and (2) environment for a 32-bit application on a 64-bit platform, which allows local users to cause a denial of service (system crash) via a crafted exec system call, a related issue to CVE-2010-2240.
ELSA-2011-0836: kernel security and bug fix update (IMPORTANT)
EPSS
4.9 Medium
CVSS2