PT-2010-5681 · Centos+3 · Centos+3
Dan Rosenberg
·
Published
1970-01-01
·
Updated
2023-02-13
·
CVE-2010-4158
CVSS v2.0
10
High
| Vector | AV:N/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Linux kernel versions prior to 2.6.36.2
SUSE Linux Enterprise kernel-kdumppae-debuginfo versions (affected versions not specified)
SUSE Linux Enterprise kernel-vmipae-debuginfo versions (affected versions not specified)
CentOS kernel-2.6.9 versions
CentOS kernel-devel-2.6.9 versions
CentOS kernel-doc-2.6.9 versions
CentOS kernel-hugemem-2.6.9 versions
CentOS kernel-largesmp-2.6.9 versions
CentOS kernel-smp-2.6.9 versions
CentOS kernel-smp-devel-2.6.9 versions
CentOS kernel-largesmp-devel-2.6.9 versions
Red Hat Enterprise Linux kernel-2.6.9 versions
Red Hat Enterprise Linux kernel-devel-2.6.9 versions
Red Hat Enterprise Linux kernel-doc-2.6.9 versions
Red Hat Enterprise Linux kernel-hugemem-2.6.9 versions
Red Hat Enterprise Linux kernel-hugemem-devel-2.6.9 versions
Red Hat Enterprise Linux kernel-largesmp-2.6.9 versions
Red Hat Enterprise Linux kernel-largesmp-devel-2.6.9 versions
Red Hat Enterprise Linux kernel-smp-2.6.9 versions
Red Hat Enterprise Linux kernel-smp-devel-2.6.9 versions
Description
The issue is related to multiple vulnerabilities in the Linux kernel, which can be exploited remotely to disrupt the confidentiality, integrity, and availability of protected information. The
sk run filter function in net/core/filter.c does not check whether a certain memory location has been initialized before executing a (1) BPF S LD MEM or (2) BPF S LDX MEM instruction, allowing local users to obtain potentially sensitive information from kernel stack memory via a crafted socket filter.Recommendations
As a temporary workaround, consider disabling the
sk run filter function until a patch is available.
For Linux kernel versions prior to 2.6.36.2, update to version 2.6.36.2 or later.
For SUSE Linux Enterprise, update the kernel-kdumppae-debuginfo and kernel-vmipae-debuginfo packages to the latest versions.
For CentOS and Red Hat Enterprise Linux, update the kernel, kernel-devel, kernel-doc, kernel-hugemem, kernel-largesmp, kernel-smp, and kernel-smp-devel packages to versions later than 2.6.9.
Restrict access to the vulnerable kernel modules to minimize the risk of exploitation.
Avoid using the BPF S LD MEM and BPF S LDX MEM instructions in the affected socket filter until the issue is resolved.Exploit
Fix
Memory Corruption
Information Disclosure
Resource Exhaustion
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Centos
Linux Kernel
Red Hat
Suse Linux Enterprise