CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
EPSS
Percentile
9.8%
Off-by-one error in the options_write function in
drivers/misc/sgi-gru/gruprocfs.c in the SGI GRU driver in the Linux kernel
2.6.30.2 and earlier on ia64 and x86 platforms might allow local users to
overwrite arbitrary memory locations and gain privileges via a crafted
count argument, which triggers a stack-based buffer overflow.
Author | Note |
---|---|
mdeslaur | may only be vulnerable on particular SGI hardware PoC: http://grsecurity.net/~spender/exploit_demo.c |