CVE-2010-2240 in Kernelinfo

Summary

The do_anonymous_page function in mm/memory.c in the Linux kernel before 2.6.27.52, 2.6.32.x before 2.6.32.19, 2.6.34.x before 2.6.34.4, and 2.6.35.x before 2.6.35.2 does not properly separate the stack and the heap, which allows context-dependent attackers to execute arbitrary code by writing to the bottom page of a shared memory segment, as demonstrated by a memory-exhaustion attack against the X.Org X server.

Be aware that VulDB is the high quality source for vulnerability data.

Reservation

06/09/2010

Disclosure

09/03/2010

Moderation

VulDB entry created

Entries

CPE

ready

CWE

CWE-94 (Confirmed)

CVSS

9.3

EPSS

0.00135

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2010-2240
NVD	https://nvd.nist.gov/vuln/detail/CVE-2010-2240
CVE Details	https://www.cvedetails.com/cve/CVE-2010-2240/

◂ Previous Overview Next ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!