CVE-2010-1087high
New! CVE Severity Now Using CVSS v3
The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.
Description
The nfs_wait_on_request function in fs/nfs/pagelist.c in Linux kernel 2.6.x through 2.6.33-rc5 allows attackers to cause a denial of service (Oops) via unknown vectors related to truncating a file and an operation that is not interruptible.
References
http://lists.opensuse.org/opensuse-security-announce/2010-07/msg00006.html
http://secunia.com/advisories/39830
http://secunia.com/advisories/40645
http://secunia.com/advisories/43315
http://www.debian.org/security/2010/dsa-2053
http://www.openwall.com/lists/oss-security/2010/03/03/1
http://www.securityfocus.com/archive/1/516397/100/0/threaded
http://www.securityfocus.com/bid/39569
http://www.vmware.com/security/advisories/VMSA-2011-0003.html
http://www.vupen.com/english/advisories/2010/1857
https://bugzilla.redhat.com/show_bug.cgi?id=567184
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10442
Details
Source: MITRE
Published: 2010-04-06
Updated: 2018-11-16
Type: NVD-CWE-noinfo
Risk Information
CVSS v2
Base Score: 7.8
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Impact Score: 6.9
Exploitability Score: 10
Severity: HIGH
Vulnerable Software
Configuration 1
OR
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.33:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.33:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.33:rc3:*:*:*:*:*:*
Configuration 2
OR
Tenable Plugins
| ID | Name | Product | Family | Severity |
|---|---|---|---|---|
| 89674 | VMware ESX / ESXi Third-Party Libraries Multiple Vulnerabilities (VMSA-2011-0003) (remote check) | Nessus | Misc. | critical |
| 79507 | OracleVM 2.2 : kernel (OVMSA-2013-0039) | Nessus | OracleVM Local Security Checks | high |
| 68056 | Oracle Linux 5 : kernel (ELSA-2010-0504) | Nessus | Oracle Linux Local Security Checks | high |
| 60810 | Scientific Linux Security Update : kernel on SL5.x i386/x86_64 | Nessus | Scientific Linux Local Security Checks | high |
| 59150 | SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 7116) | Nessus | SuSE Local Security Checks | high |
| 51971 | VMSA-2011-0003 : Third-party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX | Nessus | VMware ESX Local Security Checks | high |
| 50922 | SuSE 11 Security Update : Linux kernel (SAT Patch Numbers 2682 / 2687 / 2689) | Nessus | SuSE Local Security Checks | high |
| 50611 | VMSA-2010-0016 : VMware ESXi and ESX third-party updates for Service Console and Likewise components | Nessus | VMware ESX Local Security Checks | critical |
| 49872 | SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 7112) | Nessus | SuSE Local Security Checks | high |
| 49671 | openSUSE Security Update : kernel (openSUSE-SU-2010:0664-1) | Nessus | SuSE Local Security Checks | critical |
| 47870 | RHEL 5 : kernel (RHSA-2010:0504) | Nessus | Red Hat Local Security Checks | high |
| 47774 | openSUSE Security Update : kernel (openSUSE-SU-2010:0397-1) | Nessus | SuSE Local Security Checks | high |
| 47702 | CentOS 5 : kernel (CESA-2010:0504) | Nessus | CentOS Local Security Checks | high |
| 46811 | Ubuntu 10.04 LTS : linux regression (USN-947-2) | Nessus | Ubuntu Local Security Checks | high |
| 46810 | Ubuntu 6.06 LTS / 8.04 LTS / 9.04 / 9.10 / 10.04 LTS : linux, linux-source-2.6.15 vulnerabilities (USN-947-1) | Nessus | Ubuntu Local Security Checks | high |
| 46725 | Debian DSA-2053-1 : linux-2.6 - privilege escalation/denial of service/information leak | Nessus | Debian Local Security Checks | high |
| 801492 | CentOS RHSA-2010-0504 Security Check | Log Correlation Engine | Generic | high |