CVE-2010-0291

Description

The Linux kernel before 2.6.32.4 allows local users to gain privileges or cause a denial of service (panic) by calling the (1) mmap or (2) mremap function, aka the "do_mremap() mess" or "mremap/mmap mess."

Category

4.6
CVSS
Severity: Medium
CVSS 2.0 •
EPSS 0.09%
Vendor Advisory debian.org Vendor Advisory debian.org Vendor Advisory redhat.com Vendor Advisory kernel.org
Affected: n/a n/a
Published at:
Updated at:

References

Link Tags
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ecc1a8993751de4e82eb18640d631dae1f626bd6
http://groups.google.co.jp/group/fa.linux.kernel/browse_thread/thread/8bf22336b1082090 third party advisory
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=0ec62d290912bb4b989be7563851bc364ec73b56
http://marc.info/?l=oss-security&m=126400443123998&w=2 third party advisory mailing list
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=05d72faa6d13c9d857478a5d35c85db9adada685
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=54f5de709984bae0d31d823ff03de755f9dcac54
http://marc.info/?l=oss-security&m=126399980216047&w=2 third party advisory mailing list
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11824 vdb entry third party advisory signature
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.32.4 patch vendor advisory
http://groups.google.com/group/linux.kernel/msg/895f20870532241e third party advisory mailing list
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=e77414e0aad6a1b063ba5e5750c582c75327ea6a
http://marc.info/?l=oss-security&m=126396065732697&w=2 third party advisory mailing list
http://marc.info/?l=linux-arch&m=126004438008670&w=2 third party advisory mailing list
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=f106af4e90eadd76cfc0b5325f659619e08fb762
http://marc.info/?l=oss-security&m=126396609004884&w=2 third party advisory mailing list
http://marc.info/?l=oss-security&m=126395874130875&w=2 third party advisory mailing list
http://marc.info/?l=oss-security&m=126406814304720&w=2 third party advisory mailing list
http://www.debian.org/security/2010/dsa-1996 third party advisory vendor advisory
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=2ea1d13f64efdf49319e86c87d9ba38c30902782
http://secunia.com/advisories/43315 third party advisory
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=aa65607373a4daf2010e8c3867b6317619f3c1a3
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=2c6a10161d0b5fc047b5bd81b03693b9af99fab5
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=564b3bffc619dcbdd160de597b0547a7017ea010
http://secunia.com/advisories/39033 third party advisory
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=0067bd8a55862ac9dd212bd1c4f6f5bff1ca1301
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=bb52d6694002b9d632bb355f64daa045c6293a4e
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=570dcf2c15463842e384eb597a87c1e39bead99b
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=9206de95b1ea68357996ec02be5db0638a0de2c1
http://www.vmware.com/security/advisories/VMSA-2011-0003.html third party advisory
http://marc.info/?l=oss-security&m=126388181420690&w=2 third party advisory mailing list
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=935874141df839c706cd6cdc438e85eb69d1525e
http://www.securityfocus.com/bid/37906 vdb entry third party advisory
http://www.debian.org/security/2010/dsa-2005 third party advisory vendor advisory
http://www.securityfocus.com/archive/1/516397/100/0/threaded mailing list vdb entry third party advisory
http://marc.info/?l=oss-security&m=126393370931972&w=2 third party advisory mailing list
https://bugzilla.redhat.com/show_bug.cgi?id=556703 issue tracking third party advisory
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=097eed103862f9c6a97f2e415e21d1134017b135
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=c4caa778157dbbf04116f0ac2111e389b5cd7a29
http://secunia.com/advisories/38492 third party advisory
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=1a0ef85f84feb13f07b604fcf5b90ef7c2b5c82f
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=f8b7256096a20436f6d0926747e3ac3d64c81d24
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=8c7b49b3ecd48923eb64ff57e07a1cdb74782970
http://www.redhat.com/support/errata/RHSA-2010-0161.html third party advisory vendor advisory

Frequently Asked Questions

What is the severity of CVE-2010-0291?
CVE-2010-0291 has been scored as a medium severity vulnerability.
How to fix CVE-2010-0291?
To fix CVE-2010-0291, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2010-0291 being actively exploited in the wild?
As for now, there are no information to confirm that CVE-2010-0291 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.