CVE-2010-3849

Priority
Low
Description
The econet_sendmsg function in net/econet/af_econet.c in the Linux kernel
before 2.6.36.2, when an econet address is configured, allows local users
to cause a denial of service (NULL pointer dereference and OOPS) via a
sendmsg call that specifies a NULL value for the remote address field.
Ubuntu-Description
Nelson Elhage discovered several problems with the Acorn Econet protocol
driver. A local user could cause a denial of service via a NULL pointer
dereference, escalate privileges by overflowing the kernel stack, and
assign Econet addresses to arbitrary interfaces.
References
Package
Upstream:released (2.6.37~rc4)
Package
Upstream:released (2.6.37~rc4)
Package
Upstream:released (2.6.37~rc4)
Package
Upstream:released (2.6.37~rc4)
Package
Source: linux (LP Ubuntu Debian)
Upstream:released (2.6.37~rc4)
Patches:
Upstream:http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=fa0e846494792e722d817b9d3d625a4ef4896c96
Package
Upstream:released (2.6.37~rc4)
Package
Upstream:released (2.6.37~rc4)
More Information

Updated: 2018-06-26 04:38:16 UTC (commit 7799c934cca373482531a7b00e4dfe82302ceae5)