Showing 1 - 4 of 4

CVE-2010-3301

Status Candidate

Overview

The IA32 system call emulation functionality in arch/x86/ia32/ia32entry.S in the Linux kernel before 2.6.36-rc4-git2 on the x86_64 platform does not zero extend the %eax register after the 32-bit entry path to ptrace is used, which allows local users to gain privileges by triggering an out-of-bounds access to the system call table using the %rax register. NOTE: this vulnerability exists because of a CVE-2007-4573 regression.

Related Files

Ubuntu Security Notice USN-1041-1: Posted Jan 11, 2011; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 1041-1 - Dan Rosenberg discovered that the btrfs filesystem did not correctly validate permissions when using the clone function. Dave Chinner discovered that the XFS filesystem did not correctly order inode lookups when exported by NFS. Kees Cook discovered that the Intel i915 graphics driver did not correctly validate memory regions. Various other issues have also been addressed.; tags | advisory; systems | linux, ubuntu; advisories | CVE-2010-2537, CVE-2010-2538, CVE-2010-2943, CVE-2010-2962, CVE-2010-3079, CVE-2010-3296, CVE-2010-3297, CVE-2010-3298, CVE-2010-3301, CVE-2010-3858, CVE-2010-3861, CVE-2010-4072; SHA-256 | ea26db62a4d97743642eaeed97eb665811c26eb91fe42e08a560cf013565d264; Download | Favorite | View

Mandriva Linux Security Advisory 2010-247: Posted Dec 4, 2010; Authored by Mandriva | Site mandriva.com; Mandriva Linux Security Advisory 2010-247 - Vulnerabilities were discovered and corrected in the Linux 2.6 kernel. There are both underflow and overflow issues addressed.; tags | advisory, overflow, kernel, vulnerability; systems | linux, mandriva; advisories | CVE-2010-3081, CVE-2010-3301, CVE-2010-3015; SHA-256 | 79073c35eacef750d2cb8efb7de448b40c4b96fad249e142cec6e10fea209d2c; Download | Favorite | View

Ubuntu Security Notice 988-1: Posted Sep 18, 2010; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 988-1 - Ben Hawkes discovered that the Linux kernel did not correctly validate memory ranges on 64bit kernels when allocating memory on behalf of 32bit system calls. On a 64bit system, a local attacker could perform malicious multicast getsockopt calls to gain root privileges. Ben Hawkes discovered that the Linux kernel did not correctly filter registers on 64bit kernels when performing 32bit system calls. On a 64bit system, a local attacker could manipulate 32bit system calls to gain root privileges.; tags | advisory, kernel, local, root; systems | linux, ubuntu; advisories | CVE-2010-3081, CVE-2010-3301; SHA-256 | 3292bde8e4e5b048589c79d2d8ad3262fbd351a7707fb46c64c98ef65a7d9b66; Download | Favorite | View

Linux Kernel ia32syscall Emulation Local Root: Posted Sep 16, 2010; Authored by Venglin, Wojciech Purczynski, Robert Swiecki, Pawel Pisarczyk, Ben Hawkes; Local root exploit for the x86_64 Linux kernel ia32syscall emulation vulnerability. This is a variant of a vulnerability found back in 2007.; tags | exploit, kernel, local, root; systems | linux; advisories | CVE-2007-4573, CVE-2010-3301; SHA-256 | a975a5a7e9e7bdcda51544b9df0e5c25b8e47ff9127f4b0b85f74f3553538ba9; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 294 files
Ubuntu 64 files
Debian 24 files
Apple 14 files
LiquidWorm 12 files
Gentoo 8 files
Google Security Research 4 files
Andrey Stoykov 3 files
Jann Horn 3 files
Alter Prime 3 files

File Archives

Systems

AIX (430)
Apple (2,132)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,171)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,607)
HPUX (881)
iOS (395)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (52,070)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,426)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (10,010)
UNIX (9,482)
UnixWare (188)
Windows (6,785)
Other

CVE-2010-3301

Overview

Related Files

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems