CVE-2010-0291 - Vulnerability Details

The Linux kernel before 2.6.32.4 allows local users to gain privileges or cause a denial of service (panic) by calling the (1) mmap or (2) mremap function, aka the "do_mremap() mess" or "mremap/mmap mess."

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Debian	Debian Linux
Linux	Linux Kernel
Redhat	Enterprise Linux Enterprise Mrg

Configuration 1 [-]

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Configuration 2 [-]

OR	cpe:2.3:o:debian:debian_linux:4.0:::::::*
	cpe:2.3:o:debian:debian_linux:5.0:::::::*

Package	CPE	Advisory	Released Date
MRG for RHEL-5
kernel-rt-0:2.6.24.7-149.el5rt	cpe:/a:redhat:enterprise_mrg:1::el5	RHSA-2010:0161	2010-03-23T00:00:00Z
Red Hat Enterprise Linux 5
kernel-0:2.6.18-194.8.1.el5	cpe:/o:redhat:enterprise_linux:5	RHSA-2010:0504	2010-07-01T00:00:00Z

References

Link	Providers
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=0067bd8a55862ac9dd212bd1c4f6f5bff1ca1301
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=05d72faa6d13c9d857478a5d35c85db9adada685
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=097eed103862f9c6a97f2e415e21d1134017b135
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=0ec62d290912bb4b989be7563851bc364ec73b56
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=1a0ef85f84feb13f07b604fcf5b90ef7c2b5c82f
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=2c6a10161d0b5fc047b5bd81b03693b9af99fab5
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=2ea1d13f64efdf49319e86c87d9ba38c30902782
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=54f5de709984bae0d31d823ff03de755f9dcac54
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=564b3bffc619dcbdd160de597b0547a7017ea010
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=570dcf2c15463842e384eb597a87c1e39bead99b
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=8c7b49b3ecd48923eb64ff57e07a1cdb74782970
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=9206de95b1ea68357996ec02be5db0638a0de2c1
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=935874141df839c706cd6cdc438e85eb69d1525e
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=aa65607373a4daf2010e8c3867b6317619f3c1a3
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=bb52d6694002b9d632bb355f64daa045c6293a4e
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=c4caa778157dbbf04116f0ac2111e389b5cd7a29
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=e77414e0aad6a1b063ba5e5750c582c75327ea6a
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ecc1a8993751de4e82eb18640d631dae1f626bd6
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=f106af4e90eadd76cfc0b5325f659619e08fb762
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=f8b7256096a20436f6d0926747e3ac3d64c81d24
http://groups.google.co.jp/group/fa.linux.kernel/browse_thread/thread/8bf22336b1082090
http://groups.google.com/group/linux.kernel/msg/895f20870532241e
http://marc.info/?l=linux-arch&m=126004438008670&w=2
http://marc.info/?l=oss-security&m=126388181420690&w=2
http://marc.info/?l=oss-security&m=126393370931972&w=2
http://marc.info/?l=oss-security&m=126395874130875&w=2
http://marc.info/?l=oss-security&m=126396065732697&w=2
http://marc.info/?l=oss-security&m=126396609004884&w=2
http://marc.info/?l=oss-security&m=126399980216047&w=2
http://marc.info/?l=oss-security&m=126400443123998&w=2
http://marc.info/?l=oss-security&m=126406814304720&w=2
http://secunia.com/advisories/38492
http://secunia.com/advisories/39033
http://secunia.com/advisories/43315
http://www.debian.org/security/2010/dsa-1996
http://www.debian.org/security/2010/dsa-2005
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.32.4
http://www.redhat.com/support/errata/RHSA-2010-0161.html
http://www.securityfocus.com/archive/1/516397/100/0/threaded
http://www.securityfocus.com/bid/37906
http://www.vmware.com/security/advisories/VMSA-2011-0003.html
https://bugzilla.redhat.com/show_bug.cgi?id=556703
https://nvd.nist.gov/vuln/detail/CVE-2010-0291
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11824
https://www.cve.org/CVERecord?id=CVE-2010-0291

History

No history.

MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2010-02-15T18:00:00

Updated: 2024-08-07T00:45:11.984Z

Reserved: 2010-01-12T00:00:00

Link: CVE-2010-0291

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2010-02-15T18:30:00.720

Modified: 2025-04-11T00:51:21.963

Link: CVE-2010-0291

Redhat

Severity : Important

Publid Date: 2009-12-07T00:00:00Z

Links: CVE-2010-0291 - Bugzilla

Metrics

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

Affected Vendors & Products

Metrics

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object