Multiple vulnerabilities in Linux kernel



Published: 2011-01-13 | Updated: 2020-08-11
Risk: Low
Patch available: YES
Number of vulnerabilities: 2
CVE-ID: CVE-2010-4656, CVE-2010-4529
CWE-ID: CWE-787, CWE-191
Exploitation vector: Network
Public exploit: N/A
Vulnerable software: Linux kernel (Operating systems & Components / Operating system)
Vendor: Linux Foundation

Security Bulletin

This security bulletin contains information about 2 vulnerabilities.

1) Out-of-bounds write

EUVDB-ID: #VU44880

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2010-4656

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

Description

The vulnerability allows a local authenticated user to execute arbitrary code.

The iowarrior_write function in drivers/usb/misc/iowarrior.c in the Linux kernel before 2.6.37 does not properly allocate memory, which might allow local users to trigger a heap-based buffer overflow, and consequently cause a denial of service or gain privileges, via a long report.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Linux kernel: 2.6.0 - 2.6.36.4

External links

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=3ed780117dbe5acb64280d218f0347f238dafed0
http://openwall.com/lists/oss-security/2011/01/24/9
http://openwall.com/lists/oss-security/2011/01/25/3
http://openwall.com/lists/oss-security/2011/01/25/4
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.37
http://www.securityfocus.com/bid/46069
http://www.ubuntu.com/usn/USN-1146-1
http://bugzilla.redhat.com/show_bug.cgi?id=672420


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Integer underflow

EUVDB-ID: #VU45456

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2010-4529

CWE-ID: CWE-191 - Integer underflow

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.

Integer underflow in the irda_getsockopt function in net/irda/af_irda.c in the Linux kernel before 2.6.37 on platforms other than x86 allows local users to obtain potentially sensitive information from kernel heap memory via an IRLMP_ENUMDEVICES getsockopt call.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Linux kernel: 2.6.0 - 2.6.36.4

External links

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=fdac1e0697356ac212259f2147aa60c72e334861
http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00002.html
http://openwall.com/lists/oss-security/2010/12/23/1
http://openwall.com/lists/oss-security/2011/01/03/1
http://secunia.com/advisories/42684
http://secunia.com/advisories/43291
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.37
http://www.securityfocus.com/bid/45556
http://www.spinics.net/lists/netdev/msg150842.html
http://www.vupen.com/english/advisories/2011/0375


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


