what you don't know can hurt you
Showing 1 - 10 of 10 RSS Feed

CVE-2010-2240

Status Candidate

Overview

The do_anonymous_page function in mm/memory.c in the Linux kernel before 2.6.27.52, 2.6.32.x before 2.6.32.19, 2.6.34.x before 2.6.34.4, and 2.6.35.x before 2.6.35.2 does not properly separate the stack and the heap, which allows context-dependent attackers to execute arbitrary code by writing to the bottom page of a shared memory segment, as demonstrated by a memory-exhaustion attack against the X.Org X server.

Related Files

Qualys Security Advisory - The Stack Clash
Posted Jun 20, 2017
Site qualys.com

Qualys has released a large amount of research surrounding the use of stack clash vulnerabilities and how stack guard on Linux can be bypassed.

tags | advisory, vulnerability
systems | linux
advisories | CVE-2017-1000369, CVE-2017-1000376, CVE-2017-1000366, CVE-2017-1000370, CVE-2010-2240, CVE-2017-1000365, CVE-2017-1000372, CVE-2017-1000373, CVE-2017-1083, CVE-2017-1082, CVE-2016-3672, CVE-2017-1000371
MD5 | 91191a0fae00196fec218203d9999e82
VMware Security Advisory 2011-0009
Posted Jun 3, 2011
Authored by VMware | Site vmware.com

VMware Security Advisory 2011-0009 - VMware hosted product updates, ESX patches and VI Client update resolve multiple security issues.

tags | advisory
advisories | CVE-2009-3080, CVE-2009-4536, CVE-2010-1188, CVE-2010-2240, CVE-2011-1787, CVE-2011-2145, CVE-2011-2146, CVE-2011-2217
MD5 | 2c48563cecfe0e55c7ce0b6bd7e6fe54
VMware Security Advisory 2011-0007
Posted Apr 29, 2011
Authored by VMware | Site vmware.com

VMware Security Advisory 2011-0007 - VMware ESXi and ESX could encounter a socket exhaustion situation which may lead to a denial of service. Updates to Likewise components and to the ESX Service Console address security vulnerabilities.

tags | advisory, denial of service, vulnerability
advisories | CVE-2010-1323, CVE-2010-1324, CVE-2010-2240, CVE-2010-4020, CVE-2010-4021, CVE-2011-1785, CVE-2011-1786
MD5 | 18fcd61472c2d3dc5117dfc507ce0b0f
Mandriva Linux Security Advisory 2011-051
Posted Mar 21, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-051 - The Linux 2.6 kernel has been updated to mitigate multiple vulnerabilities related to denial of service, arbitrary code execution, stack memory disclosure, restriction bypass, and more.

tags | advisory, denial of service, arbitrary, kernel, vulnerability, code execution
systems | linux, mandriva
advisories | CVE-2010-2240, CVE-2010-4165, CVE-2010-4072, CVE-2010-4073, CVE-2010-4083, CVE-2010-4078, CVE-2010-3297, CVE-2010-3437, CVE-2010-2946, CVE-2010-3310, CVE-2010-3067, CVE-2010-0007, CVE-2010-3875, CVE-2010-2248, CVE-2009-1895, CVE-2009-2768, CVE-2009-3726, CVE-2009-2698, CVE-2009-3080, CVE-2010-2521, CVE-2007-1592, CVE-2010-3850
MD5 | f2ce03c37e6b21cbf22fe118915e6000
Ubuntu Security Notice USN-1074-2
Posted Feb 28, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1074-2 - USN-1074-1 fixed vulnerabilities in linux-fsl-imx51 in Ubuntu 9.10. This update provides the corresponding updates for Ubuntu 10.04. Multiple vulnerabilities have been discovered and addressed in the Linux kernel. Al Viro discovered a race condition in the TTY driver. Dan Rosenberg discovered that the MOVE_EXT ext4 ioctl did not correctly check file permissions. Neil Brown discovered that NFSv4 did not correctly check certain write requests. David Howells discovered that DNS resolution in CIFS could be spoofed. Various other issues have also been addressed.

tags | advisory, kernel, spoof, vulnerability
systems | linux, ubuntu
advisories | CVE-2009-4895, CVE-2010-2066, CVE-2010-2226, CVE-2010-2240, CVE-2010-2248, CVE-2010-2478, CVE-2010-2495, CVE-2010-2521, CVE-2010-2524, CVE-2010-2538, CVE-2010-2798, CVE-2010-2803, CVE-2010-2942, CVE-2010-2943, CVE-2010-2946, CVE-2010-2954, CVE-2010-2955, CVE-2010-2959, CVE-2010-2962, CVE-2010-2963, CVE-2010-3015, CVE-2010-3067, CVE-2010-3078, CVE-2010-3079, CVE-2010-3080, CVE-2010-3081, CVE-2010-3084, CVE-2010-3296
MD5 | 3c50452827e25742bef7840b721455f6
Ubuntu Security Notice USN-1074-1
Posted Feb 26, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1074-1 - Multiple vulnerabilities have been discovered and addressed in the Linux kernel. Al Viro discovered a race condition in the TTY driver. Dan Rosenberg discovered that the MOVE_EXT ext4 ioctl did not correctly check file permissions. Neil Brown discovered that NFSv4 did not correctly check certain write requests. David Howells discovered that DNS resolution in CIFS could be spoofed. Various other issues have also been addressed.

tags | advisory, kernel, spoof, vulnerability
systems | linux, ubuntu
advisories | CVE-2009-4895, CVE-2010-2066, CVE-2010-2226, CVE-2010-2240, CVE-2010-2248, CVE-2010-2478, CVE-2010-2495, CVE-2010-2521, CVE-2010-2524, CVE-2010-2538, CVE-2010-2798, CVE-2010-2803, CVE-2010-2942, CVE-2010-2943, CVE-2010-2946, CVE-2010-2954, CVE-2010-2955, CVE-2010-2959, CVE-2010-2962, CVE-2010-2963, CVE-2010-3015, CVE-2010-3067, CVE-2010-3078, CVE-2010-3079, CVE-2010-3080, CVE-2010-3081, CVE-2010-3084, CVE-2010-3296
MD5 | 934d6a5d2bde45285650af4dbbaad8b2
Mandriva Linux Security Advisory 2010-172
Posted Sep 11, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-172 - Some vulnerabilities were discovered and corrected in the Linux kernel. Buffer overflow in the ecryptfs_uid_hash macro in fs/ecryptfs/messaging.c in the eCryptfs subsystem in the Linux kernel before 2.6.35 might allow local users to gain privileges or cause a denial of service via unspecified vectors. The DNS resolution functionality in the CIFS implementation in the Linux kernel before 2.6.35, when CONFIG_CIFS_DFS_UPCALL is enabled, relies on a user's keyring for the dns_resolver upcall in the cifs.upcall userspace helper, which allows local users to spoof the results of DNS queries and perform arbitrary CIFS mounts via vectors involving an add_key call, related to a cache stuffing issue and MS-DFS referrals. The do_anonymous_page function in mm/memory.c in the Linux kernel before 2.6.27.52, 2.6.32.x before 2.6.32.19, 2.6.34.x before 2.6.34.4, and 2.6.35.x before 2.6.35.2 does not properly separate the stack and the heap, which allows context-dependent attackers to execute arbitrary code by writing to the bottom page of a shared memory segment, as demonstrated by a memory-exhaustion attack against the X.Org X server. Integer overflow in the ext4_ext_get_blocks function in fs/ext4/extents.c in the Linux kernel before 2.6.34 allows local users to cause a denial of service via a write operation on the last block of a large file, followed by a sync operation.

tags | advisory, denial of service, overflow, arbitrary, kernel, local, spoof, vulnerability
systems | linux, mandriva
advisories | CVE-2010-2240, CVE-2010-2492, CVE-2010-2524, CVE-2010-3015
MD5 | 42e8224f2625e072bff3266c7756ac26
Ubuntu Security Notice 974-2
Posted Aug 27, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 974-2 - USN-974-1 fixed vulnerabilities in the Linux kernel. The fixes for CVE-2010-2240 caused failures for Xen hosts. This update fixes the problem. Gael Delalleu, Rafal Wojtczuk, and Brad Spengler discovered that the memory manager did not properly handle when applications grow stacks into adjacent memory regions. Kees Cook discovered that under certain situations the ioctl subsystem for DRM did not properly sanitize its arguments. Ben Hawkes discovered an integer overflow in the Controller Area Network (CAN) subsystem when setting up frame content and filtering certain messages.

tags | advisory, overflow, kernel, vulnerability
systems | linux, ubuntu
advisories | CVE-2010-2240, CVE-2010-2803, CVE-2010-2959
MD5 | 3aab12c90f2cb1286a5d95fa9c8754fe
Debian Linux Security Advisory 2094-1
Posted Aug 21, 2010
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2094-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or privilege escalation.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, debian
advisories | CVE-2009-4895, CVE-2010-2226, CVE-2010-2240, CVE-2010-2248, CVE-2010-2521, CVE-2010-2798, CVE-2010-2803, CVE-2010-2959, CVE-2010-3015
MD5 | 5193cd6c08da4c23384565ae1037c40f
Ubuntu Security Notice 974-1
Posted Aug 20, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 974-1 - Gael Delalleu, Rafal Wojtczuk, and Brad Spengler discovered that the memory manager did not properly handle when applications grow stacks into adjacent memory regions. A local attacker could exploit this to gain control of certain applications, potentially leading to privilege escalation, as demonstrated in attacks against the X server. Kees Cook discovered that under certain situations the ioctl subsystem for DRM did not properly sanitize its arguments. A local attacker could exploit this to read previously freed kernel memory, leading to a loss of privacy. Ben Hawkes discovered an integer overflow in the Controller Area Network (CAN) subsystem when setting up frame content and filtering certain messages. An attacker could send specially crafted CAN traffic to crash the system or gain root privileges.

tags | advisory, overflow, kernel, local, root
systems | linux, ubuntu
advisories | CVE-2010-2240, CVE-2010-2803, CVE-2010-2959
MD5 | 9a178270b8a45436233a9d99b085bc7d
Page 1 of 1
Back1Next

File Archive:

October 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    24 Files
  • 2
    Oct 2nd
    15 Files
  • 3
    Oct 3rd
    7 Files
  • 4
    Oct 4th
    4 Files
  • 5
    Oct 5th
    10 Files
  • 6
    Oct 6th
    1 Files
  • 7
    Oct 7th
    21 Files
  • 8
    Oct 8th
    19 Files
  • 9
    Oct 9th
    5 Files
  • 10
    Oct 10th
    20 Files
  • 11
    Oct 11th
    17 Files
  • 12
    Oct 12th
    4 Files
  • 13
    Oct 13th
    4 Files
  • 14
    Oct 14th
    15 Files
  • 15
    Oct 15th
    19 Files
  • 16
    Oct 16th
    19 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close