CVE-2010-3848

Priority
High
Description
Stack-based buffer overflow in the econet_sendmsg function in
net/econet/af_econet.c in the Linux kernel before 2.6.36.2, when an econet
address is configured, allows local users to gain privileges by providing a
large number of iovec structures.
Ubuntu-Description
Nelson Elhage discovered several problems with the Acorn Econet protocol
driver. A local user could cause a denial of service via a NULL pointer
dereference, escalate privileges by overflowing the kernel stack, and
assign Econet addresses to arbitrary interfaces.
References
Bugs
Notes
 jdstrand> per tracking bug LP: #712610, there was a regression in the kernel
  in -proposed for linux-mvl-dove. It it being investigated.
Package
Upstream:released (2.6.37~rc4)
Package
Upstream:released (2.6.37~rc4)
Package
Upstream:released (2.6.37~rc4)
Package
Upstream:released (2.6.37~rc4)
Package
Source: linux (LP Ubuntu Debian)
Upstream:released (2.6.37~rc4)
Patches:
Upstream:http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=a27e13d370415add3487949c60810e36069a23a6
Package
Upstream:released (2.6.37~rc4)
Package
Upstream:released (2.6.37~rc4)
More Information

Updated: 2018-06-26 04:38:16 UTC (commit 7799c934cca373482531a7b00e4dfe82302ceae5)