CVE-2010-2798
moderate-risk
Published 2010-09-08
The gfs2_dirent_find_space function in fs/gfs2/dir.c in the Linux kernel before 2.6.35 uses an incorrect size value in calculations associated with sentinel directory entries, which allows local users to cause a denial of service (NULL pointer dereference and panic) and possibly have unspecified other impact by renaming a file in a GFS2 filesystem, related to the gfs2_rename function in fs/gfs2/ops_inode.c.
Do I need to act?
-
0.05% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
7
CVSS 7.8/10
High
LOCAL
/ LOW complexity
Affected Products (20)
Aura Presence Services
Aura Session Manager
Aura Session Manager
Aura System Manager
Aura System Manager
Aura System Manager
Aura System Platform
Aura System Platform
Iq
Voice Portal
References (38)
Broken Link
http://secunia.com/advisories/46397
Third Party Advisory
http://securitytracker.com/id?1024386
Third Party Advisory
http://support.avaya.com/css/P8/documents/100113326
Third Party Advisory
http://www.debian.org/security/2010/dsa-2094
Third Party Advisory
http://www.securityfocus.com/archive/1/520102/100/0/threaded
Third Party Advisory
http://www.securityfocus.com/bid/42124
Third Party Advisory
http://www.ubuntu.com/usn/USN-1000-1
Third Party Advisory
http://www.vmware.com/security/advisories/VMSA-2011-0012.html
Issue Tracking
https://bugzilla.redhat.com/show_bug.cgi?id=620300
and 18 more references
47
/ 100
moderate-risk
Severity
24/34 · High
Exploitability
0/34 · Minimal
Exposure
23/34 · High