CVE-2010-3066

Publication date 6 December 2010

Last updated 24 July 2024

Ubuntu priority

The io_submit_one function in fs/aio.c in the Linux kernel before 2.6.23 allows local users to cause a denial of service (NULL pointer dereference) via a crafted io_submit system call with an IOCB_FLAG_RESFD flag.

Status

Show unmaintained releases

No maintained releases are affected by this CVE.

Package	Ubuntu Release	Status
linux	10.04 LTS lucid	Not affected
	9.10 karmic	Not affected
	9.04 jaunty	Not affected
	8.04 LTS hardy	Not affected
	6.06 LTS dapper	Not in release
linux-source-2.6.15	10.04 LTS lucid	Not in release
	9.10 karmic	Not in release
	9.04 jaunty	Not in release
	8.04 LTS hardy	Not in release
	6.06 LTS dapper	Not affected

Patch details

For informational purposes only. We recommend not to cherry-pick updates. How can I get the fixes?

Package	Patch details
linux	Upstream: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=87e2831c3fa39cbf6f7ab676bb5aef039b9659e2

References

Other references

https://www.cve.org/CVERecord?id=CVE-2010-3066