CVE-2010-0291

Impact:: Important
Public Date:: 2009-12-07
IAVA:: 2011-A-0066

Bugzilla:: 556703: CVE-2010-0291 kernel: untangle the do_mremap()

The MITRE CVE dictionary describes this issue as:

The Linux kernel before 2.6.32.4 allows local users to gain privileges or cause a denial of service (panic) by calling the (1) mmap or (2) mremap function, aka the "do_mremap() mess" or "mremap/mmap mess."

Find out more about CVE-2010-0291 from the MITRE CVE dictionary dictionary and NIST NVD.

Statement

The risks associated with fixing this bug are greater than the important severity security risk. We therefore currently have no plans to fix this flaw in Red Hat Enterprise Linux 3 and 4. This issue was addressed in Red Hat Enterprise Linux 5 and Red Hat Enterprise MRG via https://rhn.redhat.com/errata/RHSA-2010-0504.html and https://rhn.redhat.com/errata/RHSA-2010-0161.html.

CVSS v2 metrics

Base Score	7.2
Base Metrics	AV:L/AC:L/Au:N/C:C/I:C/A:C
Access Vector	Local
Access Complexity	Low
Authentication	None
Confidentiality Impact	Complete
Integrity Impact	Complete
Availability Impact	Complete

Find out more about Red Hat support for the Common Vulnerability Scoring System (CVSS).

Red Hat Security Errata

Platform	Errata	Release Date
Red Hat Enterprise Linux 5 (kernel)	RHSA-2010:0504	2010-07-01
MRG Grid for RHEL 5 Server (kernel-rt)	RHSA-2010:0161	2010-03-23

Last Modified 2018-04-27T23:22:17+00:00

Log in to Your Red Hat Account

Red Hat Account

Customer Portal

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

JBoss Development and Management

JBoss Integration and Automation

Mobile

Services

Tools

Red Hat Product Security Center

Security Updates

Resources

Customer Portal Community

Customer Events

Stories

CVE-2010-0291

Statement

CVSS v2 metrics

Red Hat Security Errata