CVE-2010-3067

Impact:
Low
Public Date:
2010-09-15
IAVA:
2011-A-0147
Bugzilla:
629441: CVE-2010-3067 kernel: do_io_submit() infoleak

The MITRE CVE dictionary describes this issue as:

Integer overflow in the do_io_submit function in fs/aio.c in the Linux kernel before 2.6.36-rc4-next-20100915 allows local users to cause a denial of service or possibly have unspecified other impact via crafted use of the io_submit system call.

Find out more about CVE-2010-3067 from the MITRE CVE dictionary dictionary and NIST NVD.

CVSS v2 metrics

Base Score 2.1
Base Metrics AV:L/AC:L/Au:N/C:P/I:N/A:N
Access Vector Local
Access Complexity Low
Authentication None
Confidentiality Impact Partial
Integrity Impact None
Availability Impact None

Find out more about Red Hat support for the Common Vulnerability Scoring System (CVSS).

Red Hat Security Errata

Platform Errata Release Date
Red Hat Enterprise Linux 5 (kernel) RHSA-2010:0839 2010-11-10
Red Hat Enterprise Linux 6 (kernel) RHSA-2011:0007 2011-01-11
MRG Grid for RHEL 5 Server (kernel-rt) RHSA-2010:0758 2010-10-08
Red Hat Enterprise Linux 4 (kernel) RHSA-2010:0779 2010-10-19

Acknowledgements

Red Hat would like to thank Tavis Ormandy for reporting this issue.
Last Modified

CVE description copyright © 2017, The MITRE Corporation