CVE-2010-3858

by Fred · 30/11/2010

The setup_arg_pages function in fs/exec.c in the Linux kernel before 2.6.36, when CONFIG_STACK_GROWSDOWN is used, does not properly restrict the stack memory consumption of the (1) arguments and (2) environment for a 32-bit application on a 64-bit platform, which allows local users to cause a denial of service (system crash) via a crafted exec system call, a related issue to CVE-2010-2240.

Date published : 2010-11-30

http://www.securityfocus.com/bid/44301

http://www.securityfocus.com/archive/1/520102/100/0/threaded

CVE-2010-3858

Related

Recent Posts

Categories

Latest CWE

CVE-2010-3858

Share this:

Related

Recent Posts

Categories

Tags

Latest CWE