CVE-2010-4649

Priority
Low
Description
Integer overflow in the ib_uverbs_poll_cq function in
drivers/infiniband/core/uverbs_cmd.c in the Linux kernel before 2.6.37
allows local users to cause a denial of service (memory corruption) or
possibly have unspecified other impact via a large value of a certain
structure member.
Ubuntu-Description
Dan Carpenter discovered that the Infiniband driver did not correctly
handle certain requests. A local user could exploit this to crash the
system or potentially gain root privileges.
References
Package
Upstream:released (2.6.37~rc6)
Package
Upstream:released (2.6.37~rc6)
Package
Upstream:released (2.6.37~rc6)
Package
Upstream:released (2.6.37~rc6)
Package
Upstream:released (2.6.37~rc6)
Package
Source: linux (LP Ubuntu Debian)
Upstream:released (2.6.37~rc6)
Patches:
Upstream:http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=7182afea8d1afd432a17c18162cc3fd441d0da93
Package
Upstream:released (2.6.37~rc6)
Package
Upstream:released (2.6.37~rc6)
More Information

Updated: 2018-06-26 04:38:56 UTC (commit 7799c934cca373482531a7b00e4dfe82302ceae5)