CVE-2010-1148 - OpenCVE

The cifs_create function in fs/cifs/dir.c in the Linux kernel 2.6.33.2 and earlier allows local users to cause a denial of service (NULL pointer dereference and OOPS) or possibly have unspecified other impact via a NULL nameidata (aka nd) field in a POSIX file-creation request to a server that supports UNIX extensions.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Local

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Complete

AV:L/AC:M/Au:N/C:N/I:N/A:C

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Linux	Linux Kernel

Configuration 1 [-]

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://lists.samba.org/archive/linux-cifs-client/2010-April/005741.html
http://lists.samba.org/archive/linux-cifs-client/2010-April/005742.html
http://lists.samba.org/archive/linux-cifs-client/2010-April/005746.html
http://lists.samba.org/archive/linux-cifs-client/2010-April/005757.html
http://marc.info/?l=oss-security&m=127045754521927&w=2
http://marc.info/?l=oss-security&m=127045779122119&w=2
http://openwall.com/lists/oss-security/2010/04/06/2
http://secunia.com/advisories/39344
http://www.securityfocus.com/bid/39186
http://xorl.wordpress.com/2010/04/05/linux-kernel-unix-extensions-cifs-null-pointer-dereference/
https://bugzilla.redhat.com/show_bug.cgi?id=579445
https://exchange.xforce.ibmcloud.com/vulnerabilities/57561
https://nvd.nist.gov/vuln/detail/CVE-2010-1148
https://www.cve.org/CVERecord?id=CVE-2010-1148

History

No history.

MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2010-04-12T17:00:00

Updated: 2024-08-07T01:14:05.868Z

Reserved: 2010-03-29T00:00:00

Link: CVE-2010-1148

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2010-04-12T17:30:00.447

Modified: 2020-08-28T16:22:32.760

Link: CVE-2010-1148

Redhat

Severity : Moderate

Publid Date: 2010-04-02T00:00:00Z

Links: CVE-2010-1148 - Bugzilla

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2010-04-02T00:00:00", "descriptions": [{"lang": "en", "value": "The cifs_create function in fs/cifs/dir.c in the Linux kernel 2.6.33.2 and earlier allows local users to cause a denial of service (NULL pointer dereference and OOPS) or possibly have unspecified other impact via a NULL nameidata (aka nd) field in a POSIX file-creation request to a server that supports UNIX extensions."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-16T14:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"name": "[oss-security] 20100405 Re: CVE request: kernel: cifs: cifs_create() NULL pointer dereference", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://openwall.com/lists/oss-security/2010/04/06/2"}, {"name": "[linux-cifs-client] 20100402 [patch] skip posix open if nameidata is null", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://lists.samba.org/archive/linux-cifs-client/2010-April/005746.html"}, {"name": "linux-kernel-cifscreate-dos(57561)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/57561"}, {"name": "[linux-cifs-client] 20100404 [patch] skip posix open if nameidata is null", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://lists.samba.org/archive/linux-cifs-client/2010-April/005757.html"}, {"name": "39186", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/39186"}, {"tags": ["x_refsource_MISC"], "url": "http://xorl.wordpress.com/2010/04/05/linux-kernel-unix-extensions-cifs-null-pointer-dereference/"}, {"name": "39344", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/39344"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=579445"}, {"name": "[oss-security] 20100405 Re: CVE request: kernel: cifs: cifs_create() NULL pointer dereference", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://marc.info/?l=oss-security&m=127045779122119&w=2"}, {"name": "[linux-cifs-client] 20100402 [patch] skip posix open if nameidata is null", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://lists.samba.org/archive/linux-cifs-client/2010-April/005742.html"}, {"name": "[linux-cifs-client] 20100402 [patch] skip posix open if nameidata is null", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://lists.samba.org/archive/linux-cifs-client/2010-April/005741.html"}, {"name": "[oss-security] 20100405 CVE request: kernel: cifs: cifs_create() NULL pointer dereference", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://marc.info/?l=oss-security&m=127045754521927&w=2"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T01:14:05.868Z"}, "title": "CVE Program Container", "references": [{"name": "[oss-security] 20100405 Re: CVE request: kernel: cifs: cifs_create() NULL pointer dereference", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://openwall.com/lists/oss-security/2010/04/06/2"}, {"name": "[linux-cifs-client] 20100402 [patch] skip posix open if nameidata is null", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://lists.samba.org/archive/linux-cifs-client/2010-April/005746.html"}, {"name": "linux-kernel-cifscreate-dos(57561)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/57561"}, {"name": "[linux-cifs-client] 20100404 [patch] skip posix open if nameidata is null", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://lists.samba.org/archive/linux-cifs-client/2010-April/005757.html"}, {"name": "39186", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/39186"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://xorl.wordpress.com/2010/04/05/linux-kernel-unix-extensions-cifs-null-pointer-dereference/"}, {"name": "39344", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/39344"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=579445"}, {"name": "[oss-security] 20100405 Re: CVE request: kernel: cifs: cifs_create() NULL pointer dereference", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://marc.info/?l=oss-security&m=127045779122119&w=2"}, {"name": "[linux-cifs-client] 20100402 [patch] skip posix open if nameidata is null", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://lists.samba.org/archive/linux-cifs-client/2010-April/005742.html"}, {"name": "[linux-cifs-client] 20100402 [patch] skip posix open if nameidata is null", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://lists.samba.org/archive/linux-cifs-client/2010-April/005741.html"}, {"name": "[oss-security] 20100405 CVE request: kernel: cifs: cifs_create() NULL pointer dereference", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://marc.info/?l=oss-security&m=127045754521927&w=2"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2010-1148", "datePublished": "2010-04-12T17:00:00", "dateReserved": "2010-03-29T00:00:00", "dateUpdated": "2024-08-07T01:14:05.868Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "48803959-D315-4365-A7B2-29AF4AAD950A", "versionEndIncluding": "2.6.33.2", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The cifs_create function in fs/cifs/dir.c in the Linux kernel 2.6.33.2 and earlier allows local users to cause a denial of service (NULL pointer dereference and OOPS) or possibly have unspecified other impact via a NULL nameidata (aka nd) field in a POSIX file-creation request to a server that supports UNIX extensions."}, {"lang": "es", "value": "La funci\u00f3n cifs_create en fs/cifs/dir.c en el kernel de Linux v2.6.33.2 y anteriores permite a usuarios locales causar una denegaci\u00f3n de servicio (referencias de puntero nulo y OOPS) o posiblemente tener un impacto no especificado a trav\u00e9s de un campo nameidata NULL (tambien llamado nd) en una solicitud de creaci\u00f3n de archivos POSIX a un servidor que soporta extensiones UNIX."}], "id": "CVE-2010-1148", "lastModified": "2020-08-28T16:22:32.760", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 4.7, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:L/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 3.4, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2010-04-12T17:30:00.447", "references": [{"source": "secalert@redhat.com", "tags": ["Mailing List", "Patch", "Third Party Advisory"], "url": "http://lists.samba.org/archive/linux-cifs-client/2010-April/005741.html"}, {"source": "secalert@redhat.com", "tags": ["Mailing List", "Patch", "Third Party Advisory"], "url": "http://lists.samba.org/archive/linux-cifs-client/2010-April/005742.html"}, {"source": "secalert@redhat.com", "tags": ["Mailing List", "Patch", "Third Party Advisory"], "url": "http://lists.samba.org/archive/linux-cifs-client/2010-April/005746.html"}, {"source": "secalert@redhat.com", "tags": ["Mailing List", "Patch", "Third Party Advisory"], "url": "http://lists.samba.org/archive/linux-cifs-client/2010-April/005757.html"}, {"source": "secalert@redhat.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://marc.info/?l=oss-security&m=127045754521927&w=2"}, {"source": "secalert@redhat.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://marc.info/?l=oss-security&m=127045779122119&w=2"}, {"source": "secalert@redhat.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://openwall.com/lists/oss-security/2010/04/06/2"}, {"source": "secalert@redhat.com", "tags": ["Broken Link"], "url": "http://secunia.com/advisories/39344"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/39186"}, {"source": "secalert@redhat.com", "tags": ["Exploit", "Third Party Advisory"], "url": "http://xorl.wordpress.com/2010/04/05/linux-kernel-unix-extensions-cifs-null-pointer-dereference/"}, {"source": "secalert@redhat.com", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=579445"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/57561"}], "sourceIdentifier": "secalert@redhat.com", "vendorComments": [{"comment": "Not vulnerable. This issue did not affect the versions of the Linux kernel as shipped with Red Hat Enterprise Linux 3, 4, 5 and Red Hat Enterprise MRG as they did not include support for POSIX opens on lookup.", "lastModified": "2010-04-30T00:00:00", "organization": "Red Hat"}], "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-476"}], "source": "nvd@nist.gov", "type": "Primary"}]}