CVE-2010-3084
Published: 29 September 2010
Buffer overflow in the niu_get_ethtool_tcam_all function in drivers/net/niu.c in the Linux kernel before 2.6.36-rc4 allows local users to cause a denial of service or possibly have unspecified other impact via the ETHTOOL_GRXCLSRLALL ethtool command.
From the Ubuntu security team
Ben Hutchings discovered that the ethtool interface did not correctly check certain sizes. A local attacker could perform malicious ioctl calls that could crash the system, leading to a denial of service.
Priority
Medium
Status
| Package | Release | Status |
|---|---|---|
|
linux Launchpad, Ubuntu, Debian |
Upstream |
Needs triage
|
|
Patches: Karmic: http://chinstrap.ubuntu.com/~bradf/CVEs/CVE-2010-3084/patches/karmic/linux/0001-niu-Fix-kernel-buffer-overflow-for-ETHTOOL_GRXCLSRLALL.txt Lucid: http://chinstrap.ubuntu.com/~bradf/CVEs/CVE-2010-3084/patches/lucid/linux/0001-niu-Fix-kernel-buffer-overflow-for-ETHTOOL_GRXCLSRLALL.txt |
||
|
linux-ec2 Launchpad, Ubuntu, Debian |
Upstream |
Needs triage
|
|
linux-fsl-imx51 Launchpad, Ubuntu, Debian |
Upstream |
Needs triage
|
|
linux-lts-backport-maverick Launchpad, Ubuntu, Debian |
Upstream |
Needs triage
|
|
linux-mvl-dove Launchpad, Ubuntu, Debian |
Upstream |
Needs triage
|
|
linux-source-2.6.15 Launchpad, Ubuntu, Debian |
Upstream |
Needs triage
|
References
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3084
- https://ubuntu.com/security/notices/USN-1000-1
- https://ubuntu.com/security/notices/USN-1074-1
- https://ubuntu.com/security/notices/USN-1074-2
- https://ubuntu.com/security/notices/USN-1083-1
- https://ubuntu.com/security/notices/USN-1093-1
- NVD
- Launchpad
- Debian