CVE-2010-2524
First published: Wed Jul 07 2010(Updated: )
Description of problem: CIFS has the ability to chase MS-DFS referrals. In order to do this it has to be able to resolve hostnames into IP addresses. For this, it uses the keys API to upcall to the cifs.upcall userspace helper. It then resolves the name and hands the address back to the kernel. The dns_resolver upcall currently used by CIFS is susceptible to cache stuffing. It's possible for a malicious user to stuff the keyring with the results of a lookup, and then trick the server into mounting a server of his choosing.
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| debian/linux-2.6 | ||
| Linux Kernel | <2.6.35 | |
| VMware ESXi | =4.0 | |
| VMware ESXi | =4.1 | |
| Ubuntu | =6.06 | |
| Ubuntu | =8.04 | |
| Ubuntu | =9.04 | |
| Ubuntu | =9.10 | |
| Ubuntu | =10.04 | |
| Ubuntu | =10.10 | |
| SUSE Linux Enterprise Desktop | =11-sp1 | |
| SUSE Linux Enterprise Server | =11-sp1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.securityfocus.com/archive/1/516397/100/0/threaded
- http://secunia.com/advisories/43315
- http://www.mandriva.com/security/advisories?name=MDVSA-2010:172
- https://bugzilla.redhat.com/show_bug.cgi?id=612166
- http://www.redhat.com/support/errata/RHSA-2010-0610.html
- http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00004.html
- http://www.ubuntu.com/usn/USN-1000-1
- http://marc.info/?l=oss-security&m=128072090331700&w=2
- http://marc.info/?l=oss-security&m=128078387328921&w=2
- http://marc.info/?l=oss-security&m=128080755321157&w=2
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4c0c03ca54f72fdd5912516ad0a23ec5cf01bda7
- http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.35
- http://www.vmware.com/security/advisories/VMSA-2011-0003.html
- https://launchpad.net/bugs/cve/CVE-2010-2524
- https://rhn.redhat.com/errata/RHSA-2010-0723.html
- http://git.kernel.org/linus/4c0c03ca54f72fdd5912516ad0a23ec5cf01bda7
- https://rhn.redhat.com/errata/RHSA-2010-0610.html
- https://security-tracker.debian.org/tracker/CVE-2010-2524
- http://marc.info/?l=oss-security&m=128072090331700&w=2
- http://marc.info/?l=oss-security&m=128078387328921&w=2
- http://marc.info/?l=oss-security&m=128080755321157&w=2
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2524
- https://nvd.nist.gov/vuln/detail/CVE-2010-2524
- https://ubuntu.com/security/CVE-2010-2524
Frequently Asked Questions
What is the severity of CVE-2010-2524?
CVE-2010-2524 has a medium severity rating due to potential security implications in CIFS handling of MS-DFS referrals.
How do I fix CVE-2010-2524?
To fix CVE-2010-2524, ensure your system is updated with the latest kernel patches that address this vulnerability.
Which systems are affected by CVE-2010-2524?
CVE-2010-2524 affects various versions of the Linux kernel and VMware ESX, along with several Ubuntu and SUSE Linux distributions.
What are the implications of CVE-2010-2524?
CVE-2010-2524 could potentially allow an attacker to exploit the CIFS functionality, leading to unauthorized access or denial of service.
Is CVE-2010-2524 still a concern in modern systems?
While CVE-2010-2524 was a notable vulnerability, modern systems with updated kernels should have mitigated its risks significantly.
- agent/type
- agent/first-publish-date
- collector/launchpad-cve
- source/Launchpad
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2010-2524
- collector/security-tracker-debian
- source/Debian
- agent/software-canonical-lookup
- agent/weakness
- agent/severity
- collector/mitre-cve
- source/MITRE
- collector/usn-cve
- source/Ubuntu
- agent/remedy
- agent/references
- agent/description
- agent/event
- agent/last-modified-date
- agent/trending
- agent/source
- agent/author
- collector/nvd-cve
- source/NVD
- agent/software-canonical-lookup-request
- collector/nvd-historical
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- package-manager/debian
- vendor/linux
- canonical/linux kernel
- vendor/vmware
- canonical/vmware esxi
- version/vmware esxi/4.0
- version/vmware esxi/4.1
- vendor/canonical
- canonical/ubuntu
- version/ubuntu/6.06
- version/ubuntu/8.04
- version/ubuntu/9.04
- version/ubuntu/9.10
- version/ubuntu/10.04
- version/ubuntu/10.10
- vendor/suse
- canonical/suse linux enterprise desktop
- version/suse linux enterprise desktop/11-sp1
- canonical/suse linux enterprise server
- version/suse linux enterprise server/11-sp1