CVE-2010-1451

Published: 7 May 2010

The TSB I-TLB load implementation in arch/sparc/kernel/tsb.S in the Linux kernel before 2.6.33 on the SPARC platform does not properly obtain the value of a certain _PAGE_EXEC_4U bit and consequently does not properly implement a non-executable stack, which makes it easier for context-dependent attackers to exploit stack-based buffer overflows via a crafted application.

Priority

Status

Package	Release	Status
linux Launchpad, Ubuntu, Debian	dapper	Does not exist
	hardy	Released (2.6.24-28.73)
	intrepid	Ignored (end of life, was needed)
	jaunty	Released (2.6.28-19.62)
	karmic	Released (2.6.31-22.61)
	lucid	Released (2.6.32-17.26)
	upstream	Released (2.6.33)
	Patches: upstream: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=1f474646fdc36b457606bbcd6a3592e6cbd31ac4 hardy: http://chinstrap.ubuntu.com/~smb/CVEs/CVE-2010-1451/patches/hardy/linux/0001-sparc64-Fix-sun4u-execute-bit-check-in-TSB-I-TLB-load.txt jaunty: http://chinstrap.ubuntu.com/~smb/CVEs/CVE-2010-1451/patches/jaunty/linux/0001-sparc64-Fix-sun4u-execute-bit-check-in-TSB-I-TLB-load.txt karmic: http://chinstrap.ubuntu.com/~smb/CVEs/CVE-2010-1451/patches/karmic/linux/0001-sparc64-Fix-sun4u-execute-bit-check-in-TSB-I-TLB-load.txt
linux-source-2.6.15 Launchpad, Ubuntu, Debian	dapper	Released (2.6.15-55.86)
	hardy	Does not exist
	intrepid	Does not exist
	jaunty	Does not exist
	karmic	Does not exist
	lucid	Does not exist
	upstream	Released (2.6.33)
	Patches: dapper: http://chinstrap.ubuntu.com/~smb/CVEs/CVE-2010-1451/patches/dapper/linux/0001-sparc64-Fix-sun4u-execute-bit-check-in-TSB-I-TLB-load.txt

References

Join the discussion

Canonical is offering Expanded Security Maintenance

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›

CVE-2010-1451

Priority

Status

References

Join the discussion

Canonical is offering Expanded Security Maintenance

Further reading