Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

CVE-2010-2478

Published: 29 September 2010

Integer overflow in the ethtool_get_rxnfc function in net/core/ethtool.c in the Linux kernel before 2.6.33.7 on 32-bit platforms allows local users to cause a denial of service or possibly have unspecified other impact via an ETHTOOL_GRXCLSRLALL ethtool command with a large info.rule_cnt value that triggers a buffer overflow, a different vulnerability than CVE-2010-3084.

From the Ubuntu Security Team

Ben Hutchings discovered that the ethtool interface did not correctly check certain sizes. A local attacker could perform malicious ioctl calls that could crash the system, leading to a denial of service.

Notes

AuthorNote
smb 
In Jaunty the structure has no additional members that need hiding. And
in Hardy the (S|G)RXFH functionality is not even implemented. Same in
Dapper.

Priority

Low

Status

Package Release Status
linux
Launchpad, Ubuntu, Debian 		dapper Does not exist

hardy Not vulnerable

jaunty Not vulnerable

karmic
Released (2.6.31-22.67)
lucid
Released (2.6.32-25.43)
maverick
Released
upstream
Released (2.6.35~rc5)
Patches:
upstream: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=bf988435bd5b53529f4408a8efb1f433f6ddfda9
karmic: http://chinstrap.ubuntu.com/~smb/CVEs/CVE-2010-2478/patches/karmic/linux/0001-ethtool-Fix-potential-user-buffer-overflow-for-ETHTOOL.txt
linux-ec2
Launchpad, Ubuntu, Debian 		dapper Does not exist

hardy Does not exist

karmic
Released (2.6.31-307.21)
lucid
Released (2.6.32-309.18)
maverick Ignored
(end of life)
upstream
Released (2.6.35~rc5)
linux-fsl-imx51
Launchpad, Ubuntu, Debian 		dapper Does not exist

hardy Does not exist

karmic
Released (2.6.31-112.30)
lucid
Released (2.6.31-608.22)
maverick Does not exist

upstream
Released (2.6.35~rc5)
linux-lts-backport-maverick
Launchpad, Ubuntu, Debian 		dapper Does not exist

hardy Does not exist

karmic Does not exist

lucid
Released (2.6.35-25.44~lucid1)
maverick Does not exist

upstream
Released (2.6.35~rc5)
linux-source-2.6.15
Launchpad, Ubuntu, Debian 		dapper Not vulnerable

hardy Does not exist

jaunty Does not exist

karmic Does not exist

lucid Does not exist

maverick Does not exist

upstream
Released (2.6.35~rc5)

References

Join the discussion

Canonical is offering Expanded Security Maintenance

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›

Further reading