exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 4 of 4 RSS Feed

CVE-2010-3301

Status Candidate

Overview

The IA32 system call emulation functionality in arch/x86/ia32/ia32entry.S in the Linux kernel before 2.6.36-rc4-git2 on the x86_64 platform does not zero extend the %eax register after the 32-bit entry path to ptrace is used, which allows local users to gain privileges by triggering an out-of-bounds access to the system call table using the %rax register. NOTE: this vulnerability exists because of a CVE-2007-4573 regression.

Related Files

Ubuntu Security Notice USN-1041-1
Posted Jan 11, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1041-1 - Dan Rosenberg discovered that the btrfs filesystem did not correctly validate permissions when using the clone function. Dave Chinner discovered that the XFS filesystem did not correctly order inode lookups when exported by NFS. Kees Cook discovered that the Intel i915 graphics driver did not correctly validate memory regions. Various other issues have also been addressed.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2010-2537, CVE-2010-2538, CVE-2010-2943, CVE-2010-2962, CVE-2010-3079, CVE-2010-3296, CVE-2010-3297, CVE-2010-3298, CVE-2010-3301, CVE-2010-3858, CVE-2010-3861, CVE-2010-4072
SHA-256 | ea26db62a4d97743642eaeed97eb665811c26eb91fe42e08a560cf013565d264
Mandriva Linux Security Advisory 2010-247
Posted Dec 4, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-247 - Vulnerabilities were discovered and corrected in the Linux 2.6 kernel. There are both underflow and overflow issues addressed.

tags | advisory, overflow, kernel, vulnerability
systems | linux, mandriva
advisories | CVE-2010-3081, CVE-2010-3301, CVE-2010-3015
SHA-256 | 79073c35eacef750d2cb8efb7de448b40c4b96fad249e142cec6e10fea209d2c
Ubuntu Security Notice 988-1
Posted Sep 18, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 988-1 - Ben Hawkes discovered that the Linux kernel did not correctly validate memory ranges on 64bit kernels when allocating memory on behalf of 32bit system calls. On a 64bit system, a local attacker could perform malicious multicast getsockopt calls to gain root privileges. Ben Hawkes discovered that the Linux kernel did not correctly filter registers on 64bit kernels when performing 32bit system calls. On a 64bit system, a local attacker could manipulate 32bit system calls to gain root privileges.

tags | advisory, kernel, local, root
systems | linux, ubuntu
advisories | CVE-2010-3081, CVE-2010-3301
SHA-256 | 3292bde8e4e5b048589c79d2d8ad3262fbd351a7707fb46c64c98ef65a7d9b66
Linux Kernel ia32syscall Emulation Local Root
Posted Sep 16, 2010
Authored by Venglin, Wojciech Purczynski, Robert Swiecki, Pawel Pisarczyk, Ben Hawkes

Local root exploit for the x86_64 Linux kernel ia32syscall emulation vulnerability. This is a variant of a vulnerability found back in 2007.

tags | exploit, kernel, local, root
systems | linux
advisories | CVE-2007-4573, CVE-2010-3301
SHA-256 | a975a5a7e9e7bdcda51544b9df0e5c25b8e47ff9127f4b0b85f74f3553538ba9
Page 1 of 1
Back1Next

File Archive:

September 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    23 Files
  • 2
    Sep 2nd
    12 Files
  • 3
    Sep 3rd
    0 Files
  • 4
    Sep 4th
    0 Files
  • 5
    Sep 5th
    10 Files
  • 6
    Sep 6th
    8 Files
  • 7
    Sep 7th
    30 Files
  • 8
    Sep 8th
    14 Files
  • 9
    Sep 9th
    26 Files
  • 10
    Sep 10th
    0 Files
  • 11
    Sep 11th
    0 Files
  • 12
    Sep 12th
    5 Files
  • 13
    Sep 13th
    28 Files
  • 14
    Sep 14th
    15 Files
  • 15
    Sep 15th
    17 Files
  • 16
    Sep 16th
    9 Files
  • 17
    Sep 17th
    0 Files
  • 18
    Sep 18th
    0 Files
  • 19
    Sep 19th
    12 Files
  • 20
    Sep 20th
    15 Files
  • 21
    Sep 21st
    20 Files
  • 22
    Sep 22nd
    13 Files
  • 23
    Sep 23rd
    12 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close