CVE-2010-2492
moderate-risk
Published 2010-09-08
Buffer overflow in the ecryptfs_uid_hash macro in fs/ecryptfs/messaging.c in the eCryptfs subsystem in the Linux kernel before 2.6.35 might allow local users to gain privileges or cause a denial of service (system crash) via unspecified vectors.
Do I need to act?
-
0.08% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
7
CVSS 7.8/10
High
LOCAL
/ LOW complexity
Affected Products (20)
Aura Presence Services
Aura Session Manager
Aura Session Manager
Aura System Manager
Aura System Manager
Aura System Manager
Aura System Platform
Aura System Platform
Iq
Aura Communication Manager
Aura Presence Services
Aura Presence Services
Aura Session Manager
Aura System Manager
Aura System Platform
References (24)
Broken Link
http://secunia.com/advisories/42890
Broken Link
http://secunia.com/advisories/46397
Third Party Advisory
http://support.avaya.com/css/P8/documents/100113326
Third Party Advisory
http://www.securityfocus.com/archive/1/520102/100/0/threaded
Issue Tracking
https://bugzilla.redhat.com/show_bug.cgi?id=611385
Broken Link
http://secunia.com/advisories/42890
Broken Link
http://secunia.com/advisories/46397
Third Party Advisory
http://support.avaya.com/css/P8/documents/100113326
and 4 more references
44
/ 100
moderate-risk
Severity
24/34 · High
Exploitability
0/34 · Minimal
Exposure
20/34 · Moderate