What is the severity of REDHAT-BUG-667892?

The severity of REDHAT-BUG-667892 is categorized as moderate.

How do I fix REDHAT-BUG-667892?

To fix REDHAT-BUG-667892, update your Linux kernel to a patched version that addresses the overflow issue.

Which software is affected by REDHAT-BUG-667892?

REDHAT-BUG-667892 affects the Linux kernel version 2.6.29-rc1 and above.

Is there a known exploit for REDHAT-BUG-667892?

As of now, there are no publicly known exploits specifically targeting REDHAT-BUG-667892.

When was REDHAT-BUG-667892 introduced?

REDHAT-BUG-667892 was introduced in the kernel version 59efec7b.

Vulnerability/
REDHAT-BUG-667892

medium

7/1/2011

24/2/2021

REDHAT-BUG-667892

First published: Fri Jan 07 2011(Updated: )

Verify that the total length of the iovec returned in FUSE_IOCTL_RETRY doesn't overflow iov_length(). Upstream commit: <a href="http://git.kernel.org/linus/7572777eef78ebdee1ecb7c258c0ef94d35bad16">http://git.kernel.org/linus/7572777eef78ebdee1ecb7c258c0ef94d35bad16</a> Introduced in 59efec7b v2.6.29-rc1 long fuse_do_ioctl(struct file *file, unsigned int cmd, unsigned long arg, unsigned int flags) { [...] /* did it ask for retry? */ if (outarg.flags & FUSE_IOCTL_RETRY) { [...] /* no retry if in restricted mode */ err = -EIO; if (!(flags & FUSE_IOCTL_UNRESTRICTED)) goto out; [...] in_iov = page_address(iov_page); out_iov = in_iov + in_iovs; So this affects unrestricted ioctl that is used by CUSE. Others use restricted ioctl. On Red Hat Enterprise Linux 6, /dev/cuse is root-owned by default. crw-rw----. 1 root root 10, 57 Jan 7 06:51 /dev/cuse

Affected Software	Affected Version	How to fix
Red Hat Kernel-devel	>=2.6.29-rc1
Red Hat Enterprise Linux

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of REDHAT-BUG-667892?
The severity of REDHAT-BUG-667892 is categorized as moderate.
How do I fix REDHAT-BUG-667892?
To fix REDHAT-BUG-667892, update your Linux kernel to a patched version that addresses the overflow issue.
Which software is affected by REDHAT-BUG-667892?
REDHAT-BUG-667892 affects the Linux kernel version 2.6.29-rc1 and above.
Is there a known exploit for REDHAT-BUG-667892?
As of now, there are no publicly known exploits specifically targeting REDHAT-BUG-667892.
When was REDHAT-BUG-667892 introduced?
REDHAT-BUG-667892 was introduced in the kernel version 59efec7b.

agent/references
agent/type
agent/first-publish-date
agent/last-modified-date
collector/redhat-bugzilla
source/Red Hat
alias/CVE-2010-4650
agent/source
agent/severity
agent/description
agent/event
agent/tags
agent/softwarecombine
agent/guess-ai
agent/software-canonical-lookup
agent/software-canonical-lookup-request
vendor/linux
canonical/red hat kernel-devel
vendor/red hat
canonical/red hat enterprise linux

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.