Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
f5F5F5:K16489
HistoryApr 24, 2015 - 12:00 a.m.

K16489 : Linux kernel security vulnerabilities CVE-2010-3848, CVE-2010-3849, and CVE-2010-3850

2015-04-2400:00:00
my.f5.com
23

6.5 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

10.1%

JSON

Security Advisory Description

Stack-based buffer overflow in the econet_sendmsg function in net/econet/af_econet.c in the Linux kernel before 2.6.36.2, when an econet address is configured, allows local users to gain privileges by providing a large number of iovec structures.

The econet_sendmsg function in net/econet/af_econet.c in the Linux kernel before 2.6.36.2, when an econet address is configured, allows local users to cause a denial of service (NULL pointer dereference and OOPS) via a sendmsg call that specifies a NULL value for the remote address field.

The ec_dev_ioctl function in net/econet/af_econet.c in the Linux kernel before 2.6.36.2 does not require the CAP_NET_ADMIN capability, which allows local users to bypass intended access restrictions and configure econet addresses via an SIOCSIFADDR ioctl call.

Impact

There is no impact; F5 products are not affected by this vulnerability.

Related

openvas 19
f5 1
nessus 12
securityvulns 4
threatpost 1
seebug 4
packetstorm 1
exploitpack 2
ubuntu 6
suse 5
ubuntucve 3
exploitdb 2
prion 3
nvd 3
redhatcve 3
cve 3
cvelist 3
kitploit 1
debian 1
osv 1
openvas
openvas
Ubuntu Update for Linux kernel vulnerabilities USN-1023-1
2010-12-09 00:00:00
Ubuntu: Security Advisory (USN-1023-1)
2010-12-09 00:00:00
Mandriva Update for kernel MDVSA-2010:257 (kernel)
2011-01-04 00:00:00
f5
f5
SOL16489 - Multiple Linux Kernel security vulnerabilities CVE-2010-3848, CVE-2010-3849, and CVE-2010-3850
2015-04-24 00:00:00
nessus
nessus
Ubuntu 6.06 LTS / 8.04 LTS / 9.10 / 10.04 LTS / 10.10 : linux, linux-{ec2,source-2.6.15} vulnerabilities (USN-1023-1)
2010-11-30 00:00:00
SuSE 10 Security Update : the Linux kernel (ZYPP Patch Number 7303)
2011-01-27 00:00:00
SuSE 10 Security Update : the Linux kernel (ZYPP Patch Number 7304)
2012-05-17 00:00:00
securityvulns
securityvulns
Linux kernel exploit
2010-12-09 00:00:00
NGS000267 Technical Advisory: Symantec Messaging Gateway SSH with backdoor user account plus privilege escalation to root due to very old Kernel
2012-12-02 00:00:00
[SECURITY] [DSA 2126-1] New Linux 2.6.26 packages fix several issues
2010-12-01 00:00:00
threatpost
threatpost
New Local Linux Kernel Root Exploit Published
2010-12-08 15:33:53
seebug
seebug
Linux Kernel <= 2.6.37 - Local Privilege Escalation
2014-07-01 00:00:00
Linux Kernel &lt;= 2.6.37 Local Privilege Escalation
2010-12-09 00:00:00
Linux Kernel < 2.6.36.2 - Econet Privilege Escalation Exploit
2014-07-01 00:00:00
packetstorm
packetstorm
Linux Kernel Econet Privilege Escalation
2011-09-06 00:00:00
exploitpack
exploitpack
Linux Kernel 2.6.36.2 (Ubuntu 10.04) - Half-Nelson.c Econet Privilege Escalation
2011-09-05 00:00:00
Linux Kernel 2.6.37 (RedHat Ubuntu 10.04) - Full-Nelson.c Local Privilege Escalation
2010-12-07 00:00:00
ubuntu
ubuntu
Linux kernel vulnerabilities
2010-11-30 00:00:00
Linux kernel (OMAP4) vulnerabilities
2011-04-20 00:00:00
Linux kernel vulnerabilities
2011-02-25 00:00:00
suse
suse
local privilege escalation in kernel
2011-01-25 15:24:01
local privilege escalation, remote denial of in kernel
2011-02-11 13:07:24
remote denial of service in kernel
2011-04-28 13:57:06
ubuntucve
ubuntucve
CVE-2010-3849
2010-11-30 00:00:00
CVE-2010-3850
2010-11-30 00:00:00
CVE-2010-3848
2010-11-30 00:00:00
exploitdb
exploitdb
Linux Kernel &lt; 2.6.36.2 (Ubuntu 10.04) - &#039;Half-Nelson.c&#039; Econet Privilege Escalation
2011-09-05 00:00:00
Linux Kernel 2.6.37 (RedHat / Ubuntu 10.04) - &#039;Full-Nelson.c&#039; Local Privilege Escalation
2010-12-07 00:00:00
prion
prion
Null pointer dereference
2010-12-30 19:00:00
Design/Logic Flaw
2010-12-30 19:00:00
Stack overflow
2010-12-30 19:00:00
nvd
nvd
CVE-2010-3849
2010-12-30 19:00:03
CVE-2010-3850
2010-12-30 19:00:03
CVE-2010-3848
2010-12-30 19:00:03
redhatcve
redhatcve
CVE-2010-3849
2019-10-04 22:31:45
CVE-2010-3850
2015-10-30 09:28:09
CVE-2010-3848
2015-10-30 10:35:21
cve
cve
CVE-2010-3850
2010-12-30 19:00:03
CVE-2010-3849
2010-12-30 19:00:03
CVE-2010-3848
2010-12-30 19:00:03
cvelist
cvelist
CVE-2010-3850
2010-12-30 18:00:00
CVE-2010-3849
2010-12-30 18:00:00
CVE-2010-3848
2010-12-30 18:00:00
kitploit
kitploit
[Linux Exploit Suggester] Grab the Linux Operating Systems release version, and return a suggestive list of possible exploits
2013-08-29 00:48:00
debian
debian
[SECURITY] [DSA 2126-1] New Linux 2.6.26 packages fix several issues
2010-11-27 04:49:43
osv
osv
linux-2.6 - several issues
2010-11-26 00:00:00

6.5 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

10.1%

JSON
Related for F5:K16489
openvas19f51nessus12securityvulns4threatpost1seebug4packetstorm1exploitpack2ubuntu6suse5ubuntucve3exploitdb2prion3nvd3redhatcve3cve3cvelist3kitploit1debian1osv1