What is the severity of CVE-2010-2960?

CVE-2010-2960 has a severity rating of high due to the risk of a kernel NULL pointer dereference leading to a system crash.

How do I fix CVE-2010-2960?

To fix CVE-2010-2960, you should update your Linux kernel to a version that addresses this vulnerability.

Which systems are affected by CVE-2010-2960?

CVE-2010-2960 affects various versions of the Linux kernel and Ubuntu Linux including versions up to 2.6.35.4.

What is the potential impact of exploiting CVE-2010-2960?

Exploiting CVE-2010-2960 may lead to a denial of service by causing the kernel to panic and crash.

Is there a workaround for CVE-2010-2960?

Currently, there are no known workarounds for CVE-2010-2960 other than applying the necessary updates.

Vulnerability/
CVE-2010-2960

high

7.8

CWE

476

26/8/2010

8/9/2010

21/11/2024

CVE-2010-2960: Null Pointer Dereference

First published: Thu Aug 26 2010(Updated: )

Description of problem: Reported by Taviso Ormandy via the Ubuntu Security Team. $ gcc keyctl.c -o keyctl -lkeyutils $ ./keyctl [ 213.999221] BUG: unable to handle kernel NULL pointer dereference at 00000034 [ 214.002770] IP: [<c02f0f2a>] keyctl_session_to_parent+0x12a/0x1c0 [ 214.006011] *pde = 0fdb0067 *pte = 00000000 [ 214.008007] Oops: 0000 [#1] SMP [ 214.008973] last sysfs file: /sys/module/ppdev/initstate [ 214.010466] Modules linked in: binfmt_misc vmblock vsock vmmemctl vmhgfs acpiphp snd_ens1371 gameport snd_ac97_codec ac97_bus snd_pcm_oss snd_mixer_oss snd_pcm snd_seq_dummy snd_seq_oss snd_seq_midi snd_rawmidi snd_seq_midi_event snd_seq snd_timer snd_seq_device ppdev fbcon tileblit font bitblit softcursor snd psmouse serio_raw parport_pc soundcore snd_page_alloc vmci shpchp i2c_piix4 vga16fb vgastate intel_agp agpgart lp parport mptspi mptscsih mptbase floppy scsi_transport_spi vmxnet [ 214.024416] [ 214.024899] Pid: 1772, comm: a.out Not tainted (2.6.32-24-generic #41-Ubuntu) VMware Virtual Platform [ 214.027413] EIP: 0060:[<c02f0f2a>] EFLAGS: 00210046 CPU: 0 [ 214.028927] EIP is at keyctl_session_to_parent+0x12a/0x1c0 [ 214.030419] EAX: d2cde100 EBX: d2cdeb00 ECX: 000003e8 EDX: cfcfc480 [ 214.032132] ESI: cfddb300 EDI: 00000000 EBP: d2c33f94 ESP: d2c33f7c [ 214.033811] DS: 007b ES: 007b FS: 00d8 GS: 00e0 SS: 0068 [ 214.035292] Process a.out (pid: 1772, ti=d2c32000 task=d79bbfc0 task.ti=d2c32000) [ 214.037346] Stack: [ 214.037926] 00000000 000003e8 d2cde700 004370c0 00000012 08048520 d2c33fac c02f22e5 [ 214.040262] <0> 00000004 00000012 00327ff4 08048520 d2c32000 c01033ec 00000012 004370c0 [ 214.042795] <0> 0804852b 00327ff4 08048520 00000001 00000120 0000007b 0000007b 00000000 [ 214.045405] Call Trace: [ 214.046108] [<c02f22e5>] ? sys_keyctl+0x65/0x170 [ 214.047434] [<c01033ec>] ? syscall_call+0x7/0xb [ 214.048711] Code: 90 0f 85 77 ff ff ff 8b 7a 08 89 7d ec 3b 78 18 0f 85 68 ff ff ff 3b 7a 18 0f 85 5f ff ff ff 3b 7a 10 0f 85 56 ff ff ff 8b 7d e8 <3b> 4f 34 8d 76 00 0f 85 47 ff ff ff 8b 7d f0 3b 4f 34 0f 85 3b [ 214.056401] EIP: [<c02f0f2a>] keyctl_session_to_parent+0x12a/0x1c0 SS:ESP 0068:d2c33f7c [ 214.058676] CR2: 0000000000000034 [ 214.059605] ---[ end trace cc41d96061101854 ]---

Credit: security@ubuntu.com

Affected Software	Affected Version	How to fix
debian/linux-2.6
Linux Kernel	<2.6.35.4
Ubuntu Linux	=6.06
Ubuntu Linux	=8.04
Ubuntu Linux	=9.04
Ubuntu Linux	=9.10
Ubuntu Linux	=10.04
Ubuntu Linux	=10.10
SUSE Linux Enterprise Desktop	=11-sp1
SUSE Linux Enterprise Server	=11-sp1
Ubuntu	=6.06
Ubuntu	=8.04
Ubuntu	=9.04
Ubuntu	=9.10
Ubuntu	=10.04
Ubuntu	=10.10

Remedy

https://bugzilla.redhat.com/show_bug.cgi?id=627440

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2010-2960?
CVE-2010-2960 has a severity rating of high due to the risk of a kernel NULL pointer dereference leading to a system crash.
How do I fix CVE-2010-2960?
To fix CVE-2010-2960, you should update your Linux kernel to a version that addresses this vulnerability.
Which systems are affected by CVE-2010-2960?
CVE-2010-2960 affects various versions of the Linux kernel and Ubuntu Linux including versions up to 2.6.35.4.
What is the potential impact of exploiting CVE-2010-2960?
Exploiting CVE-2010-2960 may lead to a denial of service by causing the kernel to panic and crash.
Is there a workaround for CVE-2010-2960?
Currently, there are no known workarounds for CVE-2010-2960 other than applying the necessary updates.

agent/type
agent/first-publish-date
collector/launchpad-cve
source/Launchpad
collector/redhat-bugzilla
source/Red Hat
alias/CVE-2010-2960
agent/author
collector/security-tracker-debian
source/Debian
agent/software-canonical-lookup
agent/severity
agent/weakness
collector/usn-cve
source/Ubuntu
agent/references
agent/remedy
agent/description
agent/event
agent/last-modified-date
agent/trending
agent/source
collector/nvd-index
agent/software-canonical-lookup-request
agent/tags
agent/softwarecombine
collector/nvd-cve
source/NVD
collector/nvd-historical
package-manager/debian
vendor/linux
canonical/linux kernel
vendor/canonical
canonical/ubuntu linux
version/ubuntu linux/6.06
version/ubuntu linux/8.04
version/ubuntu linux/9.04
version/ubuntu linux/9.10
version/ubuntu linux/10.04
version/ubuntu linux/10.10
vendor/suse
canonical/suse linux enterprise desktop
version/suse linux enterprise desktop/11-sp1
canonical/suse linux enterprise server
version/suse linux enterprise server/11-sp1
canonical/ubuntu
version/ubuntu/6.06
version/ubuntu/8.04
version/ubuntu/9.04
version/ubuntu/9.10
version/ubuntu/10.04
version/ubuntu/10.10