CVE - CVE-2010-1643

CVE-ID
CVE-2010-1643	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
mm/shmem.c in the Linux kernel before 2.6.28-rc3, when strict overcommit is enabled, does not properly handle the export of shmemfs objects by knfsd, which allows attackers to cause a denial of service (NULL pointer dereference and knfsd crash) or possibly have unspecified other impact via unknown vectors.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MISC:40377 URL:http://www.securityfocus.com/bid/40377 MISC:40645 URL:http://secunia.com/advisories/40645 MISC:ADV-2010-1857 URL:~~http://www.vupen.com/english/advisories/2010/1857~~ (Obsolete source) MISC:MDVSA-2010:198 URL:~~http://www.mandriva.com/security/advisories?name=MDVSA-2010:198~~ (Obsolete source) MISC:SUSE-SA:2010:031 URL:http://lists.opensuse.org/opensuse-security-announce/2010-07/msg00006.html MISC:[oss-security] 20100526 CVE request - kernel: nfsd: fix vm overcommit crash URL:http://www.openwall.com/lists/oss-security/2010/05/26/2 MISC:[oss-security] 20100526 Re: CVE request - kernel: nfsd: fix vm overcommit crash URL:http://www.openwall.com/lists/oss-security/2010/05/26/6 MISC:http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=731572d39fcd3498702eda4600db4c43d51e0b26 URL:http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=731572d39fcd3498702eda4600db4c43d51e0b26 MISC:http://vigilance.fr/vulnerability/Linux-kernel-denial-of-service-via-knfsd-9666 URL:http://vigilance.fr/vulnerability/Linux-kernel-denial-of-service-via-knfsd-9666 MISC:http://www.kernel.org/pub/linux/kernel/v2.6/testing/v2.6.28/ChangeLog-2.6.28-rc3 URL:http://www.kernel.org/pub/linux/kernel/v2.6/testing/v2.6.28/ChangeLog-2.6.28-rc3 MISC:https://bugzilla.redhat.com/show_bug.cgi?id=595970 URL:https://bugzilla.redhat.com/show_bug.cgi?id=595970 MISC:linux-kernel-knfsd-dos(58957) URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/58957
Assigning CNA
Red Hat, Inc.
Date Record Created
20100429	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20100429)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)

Use of the CVE® List and the associated references from this website are subject to the terms of use. CVE is sponsored by the U.S. Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA). Copyright © 1999–2024, The MITRE Corporation. CVE and the CVE logo are registered trademarks of The MITRE Corporation.