CVE-2010-0623

Published Feb 15, 2010

Last updated a year ago

CVSS info 4.9

Overview

Description: The futex_lock_pi function in kernel/futex.c in the Linux kernel before 2.6.33-rc7 does not properly manage a certain reference count, which allows local users to cause a denial of service (OOPS) via vectors involving an unmount of an ext3 filesystem.
Source: cve@mitre.org
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 4.9
Impact score: 6.9
Exploitability score: 3.9
Vector string: AV:L/AC:L/Au:N/C:N/I:N/A:C

Weaknesses

nvd@nist.gov: NVD-CWE-noinfo

Hype score: Not currently trending

Vendor comments

Red HatNot vulnerable. This security issue did not affect the Linux kernels as shipped with Red Hat Enterprise Linux 3, 4, 5, and Red Hat Enterprise MRG, as they do not include the upstream change that introduced this flaw.

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A01490AB-675E-4BA1-916D-F2A0D6CB27FD",
            "versionEndExcluding": "2.6.33"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.33:-:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EF818826-D9F2-42F9-9638-9609513561A3"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.33:rc1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2DB53511-E1B0-4F81-BE9E-B52E84E9C30E"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.33:rc2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "207306A0-19F5-4E49-945C-A5E4DD442459"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.33:rc3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1DE43C00-5967-44A1-ACEB-B7AF66EEBB53"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.33:rc4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B33B5E4B-FCB3-4343-B992-F0ADB853754B"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.33:rc5:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D7295BBE-A9E3-44F6-9DD6-0FD6C2591E11"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.33:rc6:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B220EA3F-55B3-4B6E-8285-B28ADEF50138"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:opensuse:opensuse:11.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A01C8B7E-EB19-40EA-B1D2-9AE5EA536C95"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "454A5D17-B171-4F1F-9E0B-F18D1E5CA9FD"
          },
          {
            "criteria": "cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7EBFE35C-E243-43D1-883D-4398D71763CC"
          },
          {
            "criteria": "cpe:2.3:o:canonical:ubuntu_linux:8.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4747CC68-FAF4-482F-929A-9DA6C24CB663"
          },
          {
            "criteria": "cpe:2.3:o:canonical:ubuntu_linux:9.04:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A5D026D0-EF78-438D-BEDD-FC8571F3ACEB"
          },
          {
            "criteria": "cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A2BCB73E-27BB-4878-AD9C-90C4F20C25A0"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Vendor comments

Configurations

References