CVE-2010-3084
Published: 29 September 2010
Buffer overflow in the niu_get_ethtool_tcam_all function in drivers/net/niu.c in the Linux kernel before 2.6.36-rc4 allows local users to cause a denial of service or possibly have unspecified other impact via the ETHTOOL_GRXCLSRLALL ethtool command.
From the Ubuntu security team
Ben Hutchings discovered that the ethtool interface did not correctly check certain sizes. A local attacker could perform malicious ioctl calls that could crash the system, leading to a denial of service.
Priority
Status
Package | Release | Status |
---|---|---|
linux Launchpad, Ubuntu, Debian |
Upstream |
Needs triage
|
Patches: Karmic: http://chinstrap.ubuntu.com/~bradf/CVEs/CVE-2010-3084/patches/karmic/linux/0001-niu-Fix-kernel-buffer-overflow-for-ETHTOOL_GRXCLSRLALL.txt Lucid: http://chinstrap.ubuntu.com/~bradf/CVEs/CVE-2010-3084/patches/lucid/linux/0001-niu-Fix-kernel-buffer-overflow-for-ETHTOOL_GRXCLSRLALL.txt |
||
linux-ec2 Launchpad, Ubuntu, Debian |
Upstream |
Needs triage
|
linux-fsl-imx51 Launchpad, Ubuntu, Debian |
Upstream |
Needs triage
|
linux-lts-backport-maverick Launchpad, Ubuntu, Debian |
Upstream |
Needs triage
|
linux-mvl-dove Launchpad, Ubuntu, Debian |
Upstream |
Needs triage
|
linux-source-2.6.15 Launchpad, Ubuntu, Debian |
Upstream |
Needs triage
|