CVE-2010-2240
Published Sep 3, 2010
Last updated 2 years ago
Overview
- Description
- The do_anonymous_page function in mm/memory.c in the Linux kernel before 2.6.27.52, 2.6.32.x before 2.6.32.19, 2.6.34.x before 2.6.34.4, and 2.6.35.x before 2.6.35.2 does not properly separate the stack and the heap, which allows context-dependent attackers to execute arbitrary code by writing to the bottom page of a shared memory segment, as demonstrated by a memory-exhaustion attack against the X.Org X server.
- Source
- secalert@redhat.com
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 7.2
- Impact score
- 10
- Exploitability score
- 3.9
- Vector string
- AV:L/AC:L/Au:N/C:C/I:C/A:C
Weaknesses
- nvd@nist.gov
- CWE-94
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AEA6DA66-4F42-4F29-A2C6-D65ABA86BEFE",
"versionEndIncluding": "2.6.27.51"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.32:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "46568A0D-F374-4DAB-9B64-FCC74A9AA07B"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.32.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "084A2575-E5A6-43BD-8CE5-1EF628AA9ACB"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.32.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "041CE8AF-711C-496D-BDF2-B4AB655C0C8D"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.32.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FE192302-F569-4301-83F2-AEE020FB77B9"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.32.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2597A691-01B8-4FD2-AF71-D4BCC15C6F10"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.32.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "533A03F0-D7C4-42EF-BAD7-2B5A9A9D68EC"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.32.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EDBA84AD-CB87-418B-BBF7-8E910FB8FD5D"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.32.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A0FA9FA7-3BE3-415B-AA06-A2401B2AD8DC"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.32.8:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A93EFB49-0195-4471-9445-DA944CD55459"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.32.9:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "075C2C0A-E5E7-412C-9B28-3E3363A2DF05"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.32.10:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "534281D8-EAEB-4E78-8835-E6BA318BE866"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.32.11:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "192A8675-4413-4ADD-BF9E-DFD757C76387"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.32.12:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1E15D428-B54A-499D-8677-63C73A2C2934"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.32.13:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8804EC33-1751-4493-98D7-B85F326ABAD1"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.32.14:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BC94715E-208F-421E-8FCA-81E86175C983"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.32.15:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "982071FC-873D-4C38-817B-F5853699135D"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.32.16:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6B721839-AB4C-4DE7-834F-E790DE770066"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.32.17:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "75965543-51D3-4809-8815-EA80BAC85C98"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.32.18:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4CEC8F08-EE90-41CA-A30F-D34290168571"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.34.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B39BF614-85CD-4C6A-877C-724FB6F5B125"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.34.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DD31EA80-D021-4E47-8FB0-E1F23E379EA7"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.34.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0C683054-0275-4A92-B003-9C9A5A03B6E2"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.35.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D2CD9FB1-AB83-427A-8923-97ED7ADFD63D"
}
],
"operator": "OR"
}
]
}
]