Vulnerability Name:

CVE-2010-4649 (CCN-65346)

Assigned:2010-12-08
Published:2010-12-08
Updated:2023-02-13
Summary:Integer overflow in the ib_uverbs_poll_cq function in drivers/infiniband/core/uverbs_cmd.c in the Linux kernel before 2.6.37 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact via a large value of a certain structure member.
CVSS v3 Severity:9.3 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
Exploitability Metrics:Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Changed
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
CVSS v2 Severity:6.9 Medium (CVSS v2 Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C)
5.1 Medium (Temporal CVSS v2 Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
7.2 High (CCN CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C)
5.3 Medium (CCN Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
6.9 Medium (REDHAT CVSS v2 Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C)
5.1 Medium (REDHAT Temporal CVSS v2 Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
Vulnerability Consequences:Gain Privileges
References:Source: MITRE
Type: CNA
CVE-2010-4649

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: CCN
Type: Linux Kernel Archives Web site
Linux Kernel Archives

Source: CCN
Type: RHSA-2011-0330
Important: kernel-rt security and bug fix update

Source: CCN
Type: RHSA-2011-0498
Important: kernel security, bug fix, and enhancement update

Source: CCN
Type: RHSA-2011-0927
Important: kernel security and bug fix update

Source: secalert@redhat.com
Type: Third Party Advisory
secalert@redhat.com

Source: DEBIAN
Type: DSA-2153
linux-2.6 -- privilege escalation/denial of service/information leak

Source: secalert@redhat.com
Type: Broken Link
secalert@redhat.com

Source: CCN
Type: OSVDB ID: 71649
Linux Kernel drivers/infiniband/core/uverbs_cmd.c ib_uverbs_poll_cq Function Overflow

Source: CCN
Type: OSVDB ID: 72993
Linux Kernel drivers/infiniband/core/uverbs_cmd.c ib_uverbs_poll_cq Function Local Memory Disclosure

Source: CCN
Type: BID-46073
Linux Kernel 'ib_uverbs_poll_cq()' Integer Overflow Vulnerability

Source: secalert@redhat.com
Type: Third Party Advisory, VDB Entry
secalert@redhat.com

Source: CCN
Type: Red Hat Bugzilla Bug 667916
CVE-2010-4649 kernel: IB/uverbs: Handle large number of entries in poll CQ

Source: secalert@redhat.com
Type: Issue Tracking, Patch, Third Party Advisory
secalert@redhat.com

Source: XF
Type: UNKNOWN
linux-kernel-uverbs-code-execution(65346)

Source: SUSE
Type: SUSE-SA:2011:017
Linux kernel security problems

Source: SUSE
Type: SUSE-SA:2011:020
Linux kernel security update

Vulnerable Configuration:Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:6:*:*:*:*:*:*:*
    • Configuration RedHat 2:
  • cpe:/o:redhat:enterprise_linux:6::client:*:*:*:*:*
    • Configuration RedHat 3:
  • cpe:/o:redhat:enterprise_linux:6::computenode:*:*:*:*:*
    • Configuration RedHat 4:
  • cpe:/o:redhat:enterprise_linux:6::server:*:*:*:*:*
    • Configuration RedHat 5:
  • cpe:/o:redhat:enterprise_linux:6::workstation:*:*:*:*:*
    • Configuration RedHat 6:
  • cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*
    • Configuration RedHat 7:
  • cpe:/o:redhat:enterprise_linux:5::server:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/o:linux:linux_kernel:2.6.34:-:*:*:*:*:*:*
  • AND
  • cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5:*:client:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:6:*:server:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:6:*:workstation:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux_desktop:6:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux_hpc_node:6:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux_eus:5.6.z::server:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux_long_life:5.6:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:42407
    P
    		Security update for containerd, docker and runc (Important)
    2022-07-08
    oval:org.opensuse.security:def:20104649
    V
    		CVE-2010-4649
    2022-05-20
    oval:org.opensuse.security:def:42198
    P
    		Security update for polkit (Moderate)
    2022-02-18
    oval:org.opensuse.security:def:26228
    P
    		Security update for ghostscript (Moderate)
    2022-01-14
    oval:org.opensuse.security:def:32286
    P
    		Security update for MozillaFirefox (Important) (in QA)
    2022-01-14
    oval:org.opensuse.security:def:26227
    P
    		Security update for the Linux Kernel (Important)
    2022-01-13
    oval:org.opensuse.security:def:32242
    P
    		Security update for the Linux Kernel (Live Patch 39 for SLE 12 SP3) (Important)
    2021-12-14
    oval:org.opensuse.security:def:31719
    P
    		Security update for glib-networking (Important)
    2021-12-13
    oval:org.opensuse.security:def:31718
    P
    		Security update for MozillaFirefox (Important)
    2021-12-12
    oval:org.opensuse.security:def:26179
    P
    		Security update for gmp (Moderate)
    2021-12-02
    oval:org.opensuse.security:def:31712
    P
    		Security update for xen (Moderate)
    2021-12-01
    oval:org.opensuse.security:def:32220
    P
    		Security update for the Linux Kernel (Live Patch 38 for SLE 12 SP3) (Important)
    2021-11-19
    oval:org.opensuse.security:def:26150
    P
    		Security update for util-linux (Moderate)
    2021-10-20
    oval:org.opensuse.security:def:26143
    P
    		Security update for curl (Moderate)
    2021-10-11
    oval:org.opensuse.security:def:31270
    P
    		Security update for MozillaFirefox (Important)
    2021-09-22
    oval:org.opensuse.security:def:31684
    P
    		Security update for MozillaFirefox (Important)
    2021-09-22
    oval:org.opensuse.security:def:26126
    P
    		Security update for Mesa (Moderate)
    2021-09-16
    oval:org.opensuse.security:def:32181
    P
    		Security update for xen (Important)
    2021-09-06
    oval:org.opensuse.security:def:26117
    P
    		Security update for xen (Important)
    2021-09-02
    oval:org.opensuse.security:def:31259
    P
    		Security update for the Linux Kernel (Live Patch 40 for SLE 12 SP3) (Important)
    2021-08-25
    oval:org.opensuse.security:def:31258
    P
    		Security update for the Linux Kernel (Live Patch 39 for SLE 12 SP3) (Important)
    2021-08-25
    oval:org.opensuse.security:def:32172
    P
    		Security update for the Linux Kernel (Live Patch 37 for SLE 12 SP3) (Important)
    2021-08-25
    oval:org.opensuse.security:def:32963
    P
    		Security update for MozillaFirefox (Important)
    2021-07-16
    oval:org.opensuse.security:def:26086
    P
    		Security update for libsolv (Important)
    2021-06-28
    oval:org.opensuse.security:def:32132
    P
    		Security update for libnettle (Important)
    2021-06-23
    oval:org.opensuse.security:def:26074
    P
    		Security update for freeradius-server (Moderate)
    2021-06-11
    oval:org.opensuse.security:def:26073
    P
    		Security update for libjpeg-turbo (Moderate)
    2021-06-11
    oval:org.opensuse.security:def:42659
    P
    		ofed-1.5.4.1-20.26 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:36525
    P
    		ofed-devel-1.5.4.1-20.26 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:36252
    P
    		ofed-1.5.4.1-20.26 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:26059
    P
    		Security update for postgresql12 (Moderate)
    2021-05-27
    oval:org.opensuse.security:def:32085
    P
    		Security update for tomcat (Important)
    2021-04-29
    oval:org.opensuse.security:def:32076
    P
    		Security update for the Linux Kernel (Live Patch 34 for SLE 12 SP3) (Important)
    2021-04-28
    oval:org.opensuse.security:def:32078
    P
    		Security update for the Linux Kernel (Live Patch 37 for SLE 12 SP3) (Important)
    2021-04-28
    oval:org.opensuse.security:def:31344
    P
    		Security update for java-1_7_1-ibm (Important)
    2021-02-18
    oval:org.opensuse.security:def:31730
    P
    		Security update for bind (Important)
    2021-02-18
    oval:org.opensuse.security:def:26075
    P
    		Security update for ImageMagick (Important)
    2021-01-22
    oval:org.opensuse.security:def:32924
    P
    		Security update for perl-Convert-ASN1 (Moderate)
    2021-01-19
    oval:org.opensuse.security:def:31625
    P
    		Security update for flac (Moderate)
    2021-01-04
    oval:org.opensuse.security:def:31568
    P
    		Security update for MozillaFirefox (Critical)
    2020-12-21
    oval:org.opensuse.security:def:25975
    P
    		Security update for openssl-1_0_0 (Important)
    2020-12-09
    oval:org.opensuse.security:def:32012
    P
    		Security update for the Linux Kernel (Live Patch 35 for SLE 12 SP3) (Important)
    2020-12-07
    oval:org.opensuse.security:def:25971
    P
    		Security update for fontforge (Moderate)
    2020-12-04
    oval:org.opensuse.security:def:35791
    P
    		ofed-1.5.2-0.22.23 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:36000
    P
    		ofed-1.5.4.1-0.11.5 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:25626
    P
    		Security update for libqt5-qtbase (Important)
    2020-12-01
    oval:org.opensuse.security:def:27215
    P
    		libsndfile on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25545
    P
    		Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:26577
    P
    		kvm on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25417
    P
    		Security update for postgresql, postgresql96, postgresql10 and postgresql12 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31920
    P
    		Security update for ghostscript-library (Important)
    2020-12-01
    oval:org.opensuse.security:def:26533
    P
    		cups on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25353
    P
    		Security update for libzypp (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31833
    P
    		Security update for bind (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26519
    P
    		PackageKit on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:33215
    P
    		ofed on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25342
    P
    		Security update for raptor (Important)
    2020-12-01
    oval:org.opensuse.security:def:31776
    P
    		Security update for MozillaFirefox (Important)
    2020-12-01
    oval:org.opensuse.security:def:26480
    P
    		Security update for okular (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:33176
    P
    		libpython2_6-1_0 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25341
    P
    		Security update for postgresql, postgresql96, postgresql10 and postgresql12 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31476
    P
    		Security update for puppet
    2020-12-01
    oval:org.opensuse.security:def:26431
    P
    		Security update for tor (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32538
    P
    		kernel-default on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26378
    P
    		Security update for chromium (Important)
    2020-12-01
    oval:org.opensuse.security:def:32494
    P
    		cifs-mount on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32472
    P
    		Security update for xorg-x11-server (Important)
    2020-12-01
    oval:org.opensuse.security:def:32433
    P
    		Security update for xen (Important)
    2020-12-01
    oval:org.opensuse.security:def:27523
    P
    		ofed-devel on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25834
    P
    		Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:32384
    P
    		Security update for tiff (Low)
    2020-12-01
    oval:org.opensuse.security:def:27488
    P
    		libssh2-1 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25753
    P
    		Security update for flash-player (Important)
    2020-12-01
    oval:org.opensuse.security:def:32328
    P
    		Security update for samba (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26850
    P
    		LibVNCServer on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25625
    P
    		Security update for ImageMagick (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26806
    P
    		perl-libwww-perl on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25561
    P
    		Security update for xen (Important)
    2020-12-01
    oval:org.opensuse.security:def:26792
    P
    		openssh on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25550
    P
    		Security update for squid (Important)
    2020-12-01
    oval:org.opensuse.security:def:32028
    P
    		Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:26753
    P
    		libmysqlclient15-32bit on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26790
    P
    		ofed on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25549
    P
    		Security update for tigervnc (Important)
    2020-12-01
    oval:org.opensuse.security:def:26704
    P
    		g3utils on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26755
    P
    		libnetpbm10 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31552
    P
    		Security update for socat (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26651
    P
    		xen on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31478
    P
    		Security update for puppet (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26500
    P
    		Security update for ffmpeg-4 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31467
    P
    		Security update for postgresql94 (Important)
    2020-12-01
    oval:org.opensuse.security:def:26416
    P
    		Security update for nginx (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32755
    P
    		ofed on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31466
    P
    		Security update for postgresql94 (Important)
    2020-12-01
    oval:org.opensuse.security:def:26359
    P
    		Security update for phpMyAdmin (Important)
    2020-12-01
    oval:org.opensuse.security:def:26020
    P
    		Security update for libraw (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32716
    P
    		libltdl7 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26005
    P
    		Security update for libcdio (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25877
    P
    		Security update for flash-player (Important)
    2020-12-01
    oval:org.opensuse.security:def:25918
    P
    		Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:32034
    P
    		Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:25813
    P
    		Security update for libssh (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25767
    P
    		Security update for DirectFB (Important)
    2020-12-01
    oval:org.opensuse.security:def:25802
    P
    		Recommended update for LibreOffice (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25683
    P
    		Security update for ucode-intel (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31973
    P
    		Security update for jakarta-taglibs-standard (Important)
    2020-12-01
    oval:org.opensuse.security:def:26998
    P
    		ofed on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25801
    P
    		Security update for libvdpau (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31936
    P
    		Security update for glibc (Important)
    2020-12-01
    oval:org.opensuse.security:def:31924
    P
    		Security update for ghostscript-library (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26963
    P
    		libpng12-0 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31804
    P
    		Security update for ant (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31868
    P
    		Security update for curl (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26325
    P
    		Security update for Chromium (Important)
    2020-12-01
    oval:org.opensuse.security:def:26281
    P
    		Security update for hexchat (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26267
    P
    		Security update for xawtv (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26278
    P
    		Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:25891
    P
    		Security update for libimobiledevice, usbmuxd (Important)
    2020-12-01
    oval:org.opensuse.security:def:27250
    P
    		ofed on GA media (Moderate)
    2020-12-01
    oval:org.mitre.oval:def:28004
    P
    		ELSA-2011-2015 -- Oracle Linux 6 Unbreakable Enterprise kernel security fix update (important)
    2015-03-16
    oval:org.mitre.oval:def:14810
    P
    		USN-1186-1 -- Linux kernel vulnerabilities
    2014-06-30
    oval:org.mitre.oval:def:13193
    P
    		USN-1080-1 -- linux vulnerabilities
    2014-06-30
    oval:org.mitre.oval:def:15138
    P
    		USN-1187-1 -- Linux kernel (Maverick backport) vulnerabilities
    2014-06-30
    oval:org.mitre.oval:def:13433
    P
    		USN-1093-1 -- linux-mvl-dove vulnerabilities
    2014-06-30
    oval:org.mitre.oval:def:15142
    P
    		USN-1204-1 -- Linux kernel (i.MX51) vulnerabilities
    2014-06-30
    oval:org.mitre.oval:def:13765
    P
    		USN-1080-2 -- linux-ec2 vulnerabilities
    2014-06-30
    oval:org.mitre.oval:def:15398
    P
    		USN-1202-1 -- Linux kernel (OMAP4) vulnerabilities
    2014-06-30
    oval:org.mitre.oval:def:12956
    P
    		USN-1081-1 -- linux vulnerabilities
    2014-06-30
    oval:org.mitre.oval:def:12874
    P
    		DSA-2153-1 linux-2.6 -- privilege escalation/denial of service/information leak
    2014-06-23
    oval:org.mitre.oval:def:23330
    P
    		ELSA-2011:0927: kernel security and bug fix update (Important)
    2014-05-26
    oval:org.mitre.oval:def:23384
    P
    		ELSA-2011:0498: kernel security, bug fix, and enhancement update (Important)
    2014-05-26
    oval:org.mitre.oval:def:21896
    P
    		RHSA-2011:0927: kernel security and bug fix update (Important)
    2014-02-24
    oval:org.mitre.oval:def:21924
    P
    		RHSA-2011:0498: kernel security, bug fix, and enhancement update (Important)
    2014-02-24
    oval:org.mitre.oval:def:20528
    V
    		VMware ESXi and ESX updates to third party library and ESX Service Console
    2014-01-20
    oval:com.redhat.rhsa:def:20110927
    P
    		RHSA-2011:0927: kernel security and bug fix update (Important)
    2011-07-15
    oval:com.redhat.rhsa:def:20110498
    P
    		RHSA-2011:0498: kernel security, bug fix, and enhancement update (Important)
    2011-05-10
    BACK
    linux linux kernel 2.6.34
    redhat enterprise linux 5
    redhat enterprise linux 5
    redhat enterprise linux 6
    redhat enterprise linux 6
    redhat enterprise linux desktop 6
    redhat enterprise linux hpc node 6
    redhat enterprise linux eus 5.6.z
    redhat enterprise linux long life 5.6