what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 10 of 10 RSS Feed

CVE-2010-3081

Status Candidate

Overview

The compat_alloc_user_space functions in include/asm/compat.h files in the Linux kernel before 2.6.36-rc4-git2 on 64-bit platforms do not properly allocate the userspace memory required for the 32-bit compatibility layer, which allows local users to gain privileges by leveraging the ability of the compat_mc_getsockopt function (aka the MCAST_MSFILTER getsockopt support) to control a certain length value, related to a "stack pointer underflow" issue, as exploited in the wild in September 2010.

Related Files

Linux 64-Bit Stack Pointer Underflow
Posted Jan 24, 2012
Authored by teach

Local root exploit for Linux kernel before 2.6.36-rc4-git2 on 64-bit platforms that leverages a flaw in the compat_alloc_user_space functions.

tags | exploit, kernel, local, root
systems | linux
advisories | CVE-2010-3081
SHA-256 | 52fc8b565f2f099df29e7cd463956b7151a8c113162ee3862f5988242751213f
Ubuntu Security Notice USN-1119-1
Posted Apr 20, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1119-1 - Multiple security flaws have been fixed in the OMAP4 port of the Linux kernel.

tags | advisory, kernel
systems | linux, ubuntu
advisories | CVE-2010-3849, CVE-2010-3850, CVE-2010-2954, CVE-2010-2955, CVE-2010-2960, CVE-2010-2962, CVE-2010-2963, CVE-2010-3079, CVE-2010-3080, CVE-2010-3081, CVE-2010-3437, CVE-2010-3705, CVE-2010-3848, CVE-2010-3849, CVE-2010-3850, CVE-2010-3861, CVE-2010-3865, CVE-2010-3873, CVE-2010-3875, CVE-2010-3876, CVE-2010-3877, CVE-2010-3904, CVE-2010-4072, CVE-2010-4079, CVE-2010-4158, CVE-2010-4164, CVE-2010-4165, CVE-2010-4249
SHA-256 | ee2b27059547517c9b31d6346cedd7eacba9014e9eeb821192ed01e86e778b49
Ubuntu Security Notice USN-1074-2
Posted Feb 28, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1074-2 - USN-1074-1 fixed vulnerabilities in linux-fsl-imx51 in Ubuntu 9.10. This update provides the corresponding updates for Ubuntu 10.04. Multiple vulnerabilities have been discovered and addressed in the Linux kernel. Al Viro discovered a race condition in the TTY driver. Dan Rosenberg discovered that the MOVE_EXT ext4 ioctl did not correctly check file permissions. Neil Brown discovered that NFSv4 did not correctly check certain write requests. David Howells discovered that DNS resolution in CIFS could be spoofed. Various other issues have also been addressed.

tags | advisory, kernel, spoof, vulnerability
systems | linux, ubuntu
advisories | CVE-2009-4895, CVE-2010-2066, CVE-2010-2226, CVE-2010-2240, CVE-2010-2248, CVE-2010-2478, CVE-2010-2495, CVE-2010-2521, CVE-2010-2524, CVE-2010-2538, CVE-2010-2798, CVE-2010-2803, CVE-2010-2942, CVE-2010-2943, CVE-2010-2946, CVE-2010-2954, CVE-2010-2955, CVE-2010-2959, CVE-2010-2962, CVE-2010-2963, CVE-2010-3015, CVE-2010-3067, CVE-2010-3078, CVE-2010-3079, CVE-2010-3080, CVE-2010-3081, CVE-2010-3084, CVE-2010-3296
SHA-256 | 4e15776b2f435c92a453d8aac2203f207e854e4b3f906900fe4b4f17ed2e2a0c
Ubuntu Security Notice USN-1074-1
Posted Feb 26, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1074-1 - Multiple vulnerabilities have been discovered and addressed in the Linux kernel. Al Viro discovered a race condition in the TTY driver. Dan Rosenberg discovered that the MOVE_EXT ext4 ioctl did not correctly check file permissions. Neil Brown discovered that NFSv4 did not correctly check certain write requests. David Howells discovered that DNS resolution in CIFS could be spoofed. Various other issues have also been addressed.

tags | advisory, kernel, spoof, vulnerability
systems | linux, ubuntu
advisories | CVE-2009-4895, CVE-2010-2066, CVE-2010-2226, CVE-2010-2240, CVE-2010-2248, CVE-2010-2478, CVE-2010-2495, CVE-2010-2521, CVE-2010-2524, CVE-2010-2538, CVE-2010-2798, CVE-2010-2803, CVE-2010-2942, CVE-2010-2943, CVE-2010-2946, CVE-2010-2954, CVE-2010-2955, CVE-2010-2959, CVE-2010-2962, CVE-2010-2963, CVE-2010-3015, CVE-2010-3067, CVE-2010-3078, CVE-2010-3079, CVE-2010-3080, CVE-2010-3081, CVE-2010-3084, CVE-2010-3296
SHA-256 | f173020807305076d904d843200bcb5d00acee46687f271c4a2338df4358536b
Mandriva Linux Security Advisory 2010-247
Posted Dec 4, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-247 - Vulnerabilities were discovered and corrected in the Linux 2.6 kernel. There are both underflow and overflow issues addressed.

tags | advisory, overflow, kernel, vulnerability
systems | linux, mandriva
advisories | CVE-2010-3081, CVE-2010-3301, CVE-2010-3015
SHA-256 | 79073c35eacef750d2cb8efb7de448b40c4b96fad249e142cec6e10fea209d2c
VMware Security Advisory 2010-0017
Posted Dec 1, 2010
Authored by VMware | Site vmware.com

VMware Security Advisory 2010-0017 - ESX Service Console OS (COS) kernel update. This patch updates the Service Console kernel to fix a stack pointer underflow issue in the 32-bit compatibility layer. Exploitation of this issue could allow a local user to gain additional privileges.

tags | advisory, kernel, local
advisories | CVE-2010-3081
SHA-256 | c383897ffa5b5838bac181865a4e4211051098bbfcbd3855b2b85a5ac456837f
Mandriva Linux Security Advisory 2010-214
Posted Nov 1, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-214 - A vulnerability in Linux kernel caused by insecure allocation of user space memory when translating system call inputs to 64-bit. A stack pointer underflow can occur when using the compat_alloc_user_space method with an arbitrary length input.

tags | advisory, arbitrary, kernel
systems | linux, mandriva
advisories | CVE-2010-3081
SHA-256 | fe95f56e09001ae57c4106c3e56e421c183ce28a1a6dec0d9a2d5220e0b853d3
Ubuntu Security Notice 988-1
Posted Sep 18, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 988-1 - Ben Hawkes discovered that the Linux kernel did not correctly validate memory ranges on 64bit kernels when allocating memory on behalf of 32bit system calls. On a 64bit system, a local attacker could perform malicious multicast getsockopt calls to gain root privileges. Ben Hawkes discovered that the Linux kernel did not correctly filter registers on 64bit kernels when performing 32bit system calls. On a 64bit system, a local attacker could manipulate 32bit system calls to gain root privileges.

tags | advisory, kernel, local, root
systems | linux, ubuntu
advisories | CVE-2010-3081, CVE-2010-3301
SHA-256 | 3292bde8e4e5b048589c79d2d8ad3262fbd351a7707fb46c64c98ef65a7d9b66
Debian Linux Security Advisory 2110-1
Posted Sep 18, 2010
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2110-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leak.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, debian
advisories | CVE-2010-2492, CVE-2010-2954, CVE-2010-3078, CVE-2010-3080, CVE-2010-3081
SHA-256 | e25b6491aff8c3f5313eb5b89eb84002884efc169a59c3cd5dd92e86cb26502d
Linux 2.6.x Redhat x86_64 compat Local Root
Posted Sep 16, 2010
Authored by Ac1db1tch3z

Linux kernel versions 2.6.27 through 2.6.35 Redhat x86_64 compat local root exploit.

tags | exploit, kernel, local, root
systems | linux, redhat
advisories | CVE-2010-3081
SHA-256 | e3277c2ca9cfd84e2b2ef3cf78b0d7af0997f5ea5dbb7a7031e0466b9f2dd9b2
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close