CVE-2010-1148
Ubuntu Security Notice 947-2
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
1Exploited in Wild
-Decision
Descriptions
The cifs_create function in fs/cifs/dir.c in the Linux kernel 2.6.33.2 and earlier allows local users to cause a denial of service (NULL pointer dereference and OOPS) or possibly have unspecified other impact via a NULL nameidata (aka nd) field in a POSIX file-creation request to a server that supports UNIX extensions.
La función cifs_create en fs/cifs/dir.c en el kernel de Linux v2.6.33.2 y anteriores permite a usuarios locales causar una denegación de servicio (referencias de puntero nulo y OOPS) o posiblemente tener un impacto no especificado a través de un campo nameidata NULL (tambien llamado nd) en una solicitud de creación de archivos POSIX a un servidor que soporta extensiones UNIX.
It was discovered that the Linux kernel did not correctly handle memory protection of the Virtual Dynamic Shared Object page when running a 32-bit application on a 64-bit kernel. It was discovered that the r8169 network driver did not correctly check the size of Ethernet frames. Wei Yongjun discovered that SCTP did not correctly validate certain chunks. It was discovered that KVM did not correctly limit certain privileged IO accesses on x86. Evgeniy Polyakov discovered that IPv6 did not correctly handle certain TUN packets. Tons of other vulnerabilities have also been discovered and addressed.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2010-03-29 CVE Reserved
- 2010-04-12 CVE Published
- 2024-08-07 CVE Updated
- 2024-08-07 First Exploit
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-476: NULL Pointer Dereference
CAPEC
References (12)
URL | Tag | Source |
---|---|---|
http://marc.info/?l=oss-security&m=127045754521927&w=2 | Mailing List | |
http://marc.info/?l=oss-security&m=127045779122119&w=2 | Mailing List | |
http://openwall.com/lists/oss-security/2010/04/06/2 | Mailing List | |
http://secunia.com/advisories/39344 | Broken Link | |
http://www.securityfocus.com/bid/39186 | Third Party Advisory | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/57561 | Third Party Advisory |
URL | Date | SRC |
---|---|---|
http://xorl.wordpress.com/2010/04/05/linux-kernel-unix-extensions-cifs-null-pointer-dereference | 2024-08-07 |
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | <= 2.6.33.2 Search vendor "Linux" for product "Linux Kernel" and version " <= 2.6.33.2" | - |
Affected
|