Release date: 2010-09-09
Updated on: 2010-09-30
 
Affected Systems:
Linux kernel 2.6.x
Unaffected system:
Linux kernel 2.6.36-rc4
Description:
--------------------------------------------------------------------------------
Bugtraq id: 43098
Cve id: CVE-2010-3084
 
Linux Kernel is the Kernel used by the Linux operating system.
 
The niu_get_ethtool_tcam_all () function in the drivers/net/niu. c file of Linux Kernel assumes that the output buffer size is appropriate. Otherwise, a warning is given. However, the size of the output buffer is controlled by the user. The local user can trigger the overflow through the ETHTOOL_GRXCLSRLALL ethtool command, resulting in DOS.
 
<* Source: Ben huchings (ben@decadent.org.uk)
Link: https://bugzilla.redhat.com/show_bug.cgi? Format = multiple & amp; id = 632069
*>
 
Suggestion:
--------------------------------------------------------------------------------
Vendor patch:
 
Linux
-----
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:
 
Http://git.kernel.org /? P = linux/kernel/git/torvalds/linux-2.6.git; a = commit; h = ee9c5cfad29c8a13tms62614b9b16f1c4137ac9