JVN/CVE Demo: Cveinfos

CVE

Id: 46842
CVE No.: CVE-2010-4258
Status: Candidate
Description: The do_exit function in kernel/exit.c in the Linux kernel before 2.6.36.2 does not properly handle a KERNEL_DS get_fs value, which allows local users to bypass intended access_ok restrictions, overwrite arbitrary kernel memory locations, and gain privileges by leveraging a (1) BUG, (2) NULL pointer dereference, or (3) page fault, as demonstrated by vectors involving the clear_child_tid feature and the splice system call.
Phase: Assigned (20101116)
Votes: None (candidate not yet proposed)
Comments

Actions

Related CVE References

Id	CVE Id	CVE No.	Reference	Actions
511943	46842	CVE-2010-4258	FULLDISC:20101207 Linux kernel exploit	View
511944	46842	CVE-2010-4258	URL:http://archives.neohapsis.com/archives/fulldisclosure/2010-12/0086.html	View
511945	46842	CVE-2010-4258	MLIST:[linux-kernel] 20101201 Re: [PATCH v2] do_exit(): Make sure we run with get_fs() == USER_DS.	View
511946	46842	CVE-2010-4258	URL:https://lkml.org/lkml/2010/12/1/543	View
511947	46842	CVE-2010-4258	MLIST:[linux-kernel] 20101201 [PATCH v2] do_exit(): Make sure we run with get_fs() == USER_DS.	View
511948	46842	CVE-2010-4258	URL:http://marc.info/?l=linux-kernel&m=129117048916957&w=2	View
511949	46842	CVE-2010-4258	MLIST:[oss-security] 20101202 CVE request: kernel: failure to revert address limit override in OOPS error path	View
511950	46842	CVE-2010-4258	URL:http://openwall.com/lists/oss-security/2010/12/02/2	View
511951	46842	CVE-2010-4258	MLIST:[oss-security] 20101202 Re: CVE request: kernel: failure to revert address limit override in OOPS error path	View
511952	46842	CVE-2010-4258	URL:http://openwall.com/lists/oss-security/2010/12/02/7	View
511953	46842	CVE-2010-4258	MLIST:[oss-security] 20101202 Re: kernel: Dangerous interaction between clear_child_tid, set_fs(), and kernel oopses	View
511954	46842	CVE-2010-4258	URL:http://openwall.com/lists/oss-security/2010/12/02/4	View
511955	46842	CVE-2010-4258	MLIST:[oss-security] 20101202 kernel: Dangerous interaction between clear_child_tid, set_fs(), and kernel oopses	View
511956	46842	CVE-2010-4258	URL:http://openwall.com/lists/oss-security/2010/12/02/3	View
511957	46842	CVE-2010-4258	MLIST:[oss-security] 20101208 Re: kernel: Dangerous interaction between clear_child_tid, set_fs(), and kernel oopses	View
511958	46842	CVE-2010-4258	URL:http://openwall.com/lists/oss-security/2010/12/08/9	View
511959	46842	CVE-2010-4258	MLIST:[oss-security] 20101208 Re: kernel: Dangerous interaction between clear_child_tid, set_fs(), and kernel oopses	View
511960	46842	CVE-2010-4258	URL:http://openwall.com/lists/oss-security/2010/12/08/4	View
511961	46842	CVE-2010-4258	MLIST:[oss-security] 20101208 Re: kernel: Dangerous interaction between clear_child_tid, set_fs(), and kernel oopses	View
511962	46842	CVE-2010-4258	URL:http://openwall.com/lists/oss-security/2010/12/08/5	View
511963	46842	CVE-2010-4258	MLIST:[oss-security] 20101209 Re: kernel: Dangerous interaction between clear_child_tid, set_fs(), and kernel oopses	View
511964	46842	CVE-2010-4258	URL:http://openwall.com/lists/oss-security/2010/12/09/4	View
511965	46842	CVE-2010-4258	MLIST:[oss-security] 20101209 Re: kernel: Dangerous interaction between clear_child_tid, set_fs(), and kernel oopses	View
511966	46842	CVE-2010-4258	URL:http://openwall.com/lists/oss-security/2010/12/09/14	View
511967	46842	CVE-2010-4258	MISC:http://blog.nelhage.com/2010/12/cve-2010-4258-from-dos-to-privesc/	View
511968	46842	CVE-2010-4258	CONFIRM:http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=33dd94ae1ccbfb7bf0fb6c692bc3d1c4269e6177	View
511969	46842	CVE-2010-4258	CONFIRM:http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.36.2	View
511970	46842	CVE-2010-4258	CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=659567	View
511971	46842	CVE-2010-4258	CONFIRM:http://code.google.com/p/chromium-os/issues/detail?id=10234	View
511972	46842	CVE-2010-4258	CONFIRM:http://googlechromereleases.blogspot.com/2011/01/chrome-os-beta-channel-update.html	View
511973	46842	CVE-2010-4258	FEDORA:FEDORA-2010-18983	View
511974	46842	CVE-2010-4258	URL:http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052513.html	View
511975	46842	CVE-2010-4258	MANDRIVA:MDVSA-2011:029	View
511976	46842	CVE-2010-4258	URL:http://www.mandriva.com/security/advisories?name=MDVSA-2011:029	View
511977	46842	CVE-2010-4258	SUSE:SUSE-SA:2011:001	View
511978	46842	CVE-2010-4258	URL:http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00000.html	View
511979	46842	CVE-2010-4258	SUSE:SUSE-SA:2011:002	View
511980	46842	CVE-2010-4258	URL:http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00001.html	View
511981	46842	CVE-2010-4258	SUSE:SUSE-SA:2011:004	View
511982	46842	CVE-2010-4258	URL:http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00004.html	View
511983	46842	CVE-2010-4258	SUSE:SUSE-SA:2011:005	View
511984	46842	CVE-2010-4258	URL:http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00007.html	View
511985	46842	CVE-2010-4258	SUSE:SUSE-SA:2011:007	View
511986	46842	CVE-2010-4258	URL:http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html	View
511987	46842	CVE-2010-4258	SUSE:SUSE-SA:2011:008	View
511988	46842	CVE-2010-4258	URL:http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00002.html	View
511989	46842	CVE-2010-4258	SECUNIA:42745	View
511990	46842	CVE-2010-4258	URL:http://secunia.com/advisories/42745	View
511991	46842	CVE-2010-4258	SECUNIA:42778	View
511992	46842	CVE-2010-4258	URL:http://secunia.com/advisories/42778	View
511993	46842	CVE-2010-4258	SECUNIA:42801	View
511994	46842	CVE-2010-4258	URL:http://secunia.com/advisories/42801	View
511995	46842	CVE-2010-4258	SECUNIA:42932	View
511996	46842	CVE-2010-4258	URL:http://secunia.com/advisories/42932	View
511997	46842	CVE-2010-4258	SECUNIA:43056	View
511998	46842	CVE-2010-4258	URL:http://secunia.com/advisories/43056	View
511999	46842	CVE-2010-4258	SECUNIA:43291	View
512000	46842	CVE-2010-4258	URL:http://secunia.com/advisories/43291	View
512001	46842	CVE-2010-4258	VUPEN:ADV-2010-3321	View
512002	46842	CVE-2010-4258	URL:http://www.vupen.com/english/advisories/2010/3321	View
512003	46842	CVE-2010-4258	VUPEN:ADV-2011-0012	View
512004	46842	CVE-2010-4258	URL:http://www.vupen.com/english/advisories/2011/0012	View
512005	46842	CVE-2010-4258	VUPEN:ADV-2011-0124	View
512006	46842	CVE-2010-4258	URL:http://www.vupen.com/english/advisories/2011/0124	View
512007	46842	CVE-2010-4258	VUPEN:ADV-2011-0213	View
512008	46842	CVE-2010-4258	URL:http://www.vupen.com/english/advisories/2011/0213	View
512009	46842	CVE-2010-4258	VUPEN:ADV-2011-0298	View
512010	46842	CVE-2010-4258	URL:http://www.vupen.com/english/advisories/2011/0298	View
512011	46842	CVE-2010-4258	VUPEN:ADV-2011-0375	View

Related JVN

Id	JVN No.	Title	Summary	CVE No.	CVE Id	CVSS_v2	CVSS_v3	JVN URL	Actions
37614	JVNDB-2010-003399	Xfig におけるスタックベースのバッファオーバーフローの脆弱性	Xfig には、スタックベースのバッファオーバーフローの脆弱性が存在します。	CVE-2010-4262	46842	6.8		http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-003399.html	View

Message	Memory use
Component initialization	1.39 MB
Controller action start	1.49 MB
Controller render start	2.37 MB
View render complete	2.89 MB

Message	Time in ms	Graph
Core Processing (Derived from $_SERVER["REQUEST_TIME"])	3.81
Event: Controller.initialize	0.02
Event: Controller.startup	0.06
Controller action	445.13
Event: Controller.beforeRender	4.82
» Processing toolbar data	4.72
Rendering View	20.82
» Event: View.beforeRender	0.02
» Rendering APP/View/Cveinfos/view.ctp	19.70
» Event: View.afterRender	0.02
» Event: View.beforeLayout	0.02
» Rendering APP/View/Layouts/default.ctp	0.68
» » Rendering CORE/Cake/View/Elements/sql_dump.ctp	0.09
Event: View.afterLayout	0.00

Constant	Value
APP	/virtual/inogo77/public_html/jvn/app/
APP_DIR	app
APPLIBS	/virtual/inogo77/public_html/jvn/app/Lib/
CACHE	/virtual/inogo77/public_html/jvn/app/tmp/cache/
CAKE	/virtual/inogo77/public_html/jvn/lib/Cake/
CAKE_CORE_INCLUDE_PATH	/virtual/inogo77/public_html/jvn/lib
CORE_PATH	/virtual/inogo77/public_html/jvn/lib/
CAKE_VERSION	2.6.0
CSS	/virtual/inogo77/public_html/jvn/app/webroot/css/
CSS_URL	css/
DS	/
FULL_BASE_URL	http://inogo77.s500.xrea.com
IMAGES	/virtual/inogo77/public_html/jvn/app/webroot/img/
IMAGES_URL	img/
JS	/virtual/inogo77/public_html/jvn/app/webroot/js/
JS_URL	js/
LOGS	/virtual/inogo77/public_html/jvn/app/tmp/logs/
ROOT	/virtual/inogo77/public_html/jvn
TESTS	/virtual/inogo77/public_html/jvn/app/Test/
TMP	/virtual/inogo77/public_html/jvn/app/tmp/
VENDORS	/virtual/inogo77/public_html/jvn/vendors/
WEBROOT_DIR	webroot
WWW_ROOT	/virtual/inogo77/public_html/jvn/app/webroot/

Environment Variable	Value
Php Version	5.6.40
Phprc	php56.ini
Php Fcgi Children	1
Pwd	/virtual/inogo77/public_html/.fast-cgi-bin
Php Fcgi Max Requests	10000
Shlvl	0
Path	/usr/local/bin:/usr/bin:/bin
Script Name	/jvn/app/webroot/index.php
Request Uri	/jvn/cveinfos/view/46842
Query String
Request Method	GET
Server Protocol	HTTP/1.1
Gateway Interface	CGI/1.1
Redirect Url	/jvn/app/webroot/cveinfos/view/46842
Remote Port	36675
Script Filename	/virtual/inogo77/public_html/jvn/app/webroot/index.php
Server Admin	[no address given]
Context Document Root	/virtual/inogo77/public_html
Context Prefix
Request Scheme	http
Document Root	/virtual/inogo77/public_html
Remote Addr	216.73.216.13
Server Port	80
Server Addr	160.251.151.205
Server Name	inogo77.s500.xrea.com
Server Software	Apache
Server Signature
Http Connection	close
Http Cache Control	max-age=259200
Http X Forwarded For	10.1.0.244
Http Via	1.1 squid-proxy-5b5d847c96-4vchr (squid/6.10)
Http Host	inogo77.s500.xrea.com
Http Accept Encoding	gzip, br, zstd, deflate
Http User Agent	Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)
Http Accept	/
Gem Home	/usr/local/rvm/gems/ruby-2.3.0
X Dostranslated Ip	216.73.216.13
Mm Country Code	US
Mmdb Info	result found
Mmdb Addr	216.73.216.13
Unique Id	aHlK_3J1ig15ZcyaGjY0HAAAAC4
Redirect Status	200
Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect X Dostranslated Ip	216.73.216.13
Redirect Mm Country Code	US
Redirect Mmdb Info	result found
Redirect Mmdb Addr	216.73.216.13
Redirect Unique Id	aHlK_3J1ig15ZcyaGjY0HAAAAC4
Redirect Redirect Status	200
Redirect Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect Redirect X Dostranslated Ip	216.73.216.13
Redirect Redirect Mm Country Code	US
Redirect Redirect Mmdb Info	result found
Redirect Redirect Mmdb Addr	216.73.216.13
Redirect Redirect Unique Id	aHlK_3J1ig15ZcyaGjY0HAAAAC4
Fcgi Role	RESPONDER
Php Self	/jvn/app/webroot/index.php
Request Time Float	1752779519.693
Request Time	1752779519

CVE

Actions

Related CVE References

Related JVN

Request History

Session

Request

Cake Params

Post data

Query string

Cookie

Current Route

Sql Logs

default

Memory

Timers

Logs

View Variables

App Constants

CakePHP Constants

PHP Environment

Included Files

Include Paths

Included Files