CVE-2010-2492

Description

Buffer overflow in the ecryptfs_uid_hash macro in fs/ecryptfs/messaging.c in the eCryptfs subsystem in the Linux kernel before 2.6.35 might allow local users to gain privileges or cause a denial of service (system crash) via unspecified vectors.

CVSS breakdown

Affected products

• Avaya / aura_communication_manager5.2 – 5.2
• Avaya / aura_presence_services6.0 – 6.0
• Avaya / aura_presence_services6.1 – 6.1
• Avaya / aura_presence_services6.1.1 – 6.1.1
• Avaya / aura_session_manager5.2 – 5.2
• Avaya / aura_session_manager6.0 – 6.0
• Avaya / aura_session_manager1.1 – 1.1
• Avaya / Aura System Manager5.2 – 5.2
• Avaya / Aura System Manager6.1.1 – 6.1.1
• Avaya / Aura System Manager6.1 – 6.1
• Avaya / Aura System Manager6.0 – 6.0
• Avaya / aura_system_platform6.0 – 6.0
• Avaya / aura_system_platform1.1 – 1.1
• Avaya / aura_system_platform6.0 – 6.0
• Avaya / aura_voice_portal5.0 – 5.0
• Avaya / aura_voice_portal5.1 – 5.1
• Avaya / aura_voice_portal5.1 – 5.1
• Avaya / iq5.1 – 5.1
• Avaya / iq5.0 – 5.0
• Linux / Linux kernel2.6.35
• VMware / esx4.0 – 4.0
• VMware / esx4.1 – 4.1

References

• MISChttp://www.redhat.com/support/errata/RHSA-2010-0723.html
• MISChttp://www.securityfocus.com/archive/1/520102/100/0/threaded
• VENDOR_ADVISORYhttp://secunia.com/advisories/46397
• VENDOR_ADVISORYhttp://www.mandriva.com/security/advisories?name=MDVSA-2010:198
• MISChttp://www.redhat.com/support/errata/RHSA-2011-0007.html
• MISChttps://bugzilla.redhat.com/show_bug.cgi?id=611385
• MISChttp://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.35
• MISChttp://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=a6f80fb7b5986fda663d94079d3bba0937a6b6ff
• VENDOR_ADVISORYhttp://www.vmware.com/security/advisories/VMSA-2011-0012.html
• MISChttp://support.avaya.com/css/P8/documents/100113326
• VENDOR_ADVISORYhttp://secunia.com/advisories/42890
• VENDOR_ADVISORYhttp://www.mandriva.com/security/advisories?name=MDVSA-2010:172