Weekly Vulnerabilities Reports > September 27 to October 3, 2010

Overview

4 new vulnerabilities reported during this period, including 0 critical vulnerabilities and 2 high severity vulnerabilities. This weekly summary report vulnerabilities in 15 products from 5 vendors including Linux, Canonical, Suse, Vmware, and Avaya. Vulnerabilities are notably categorized as "Information Exposure", and "NULL Pointer Dereference".

  • 1 reported vulnerabilities are remotely exploitables.
  • Linux has the most reported vulnerabilities, with 4 reported vulnerabilities.

TOTAL
VULNERABILITIES
CRITICAL RISK
VULNERABILITIES
HIGH RISK
VULNERABILITIES
MEDIUM RISK
VULNERABILITIES
LOW RISK
VULNERABILITIES
REMOTELY
EXPLOITABLE
LOCALLY
EXPLOITABLE
EXPLOIT
AVAILABLE
EXPLOITABLE
ANONYMOUSLY
AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

0 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS

2 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2010-09-30 CVE-2010-2943 Linux
Canonical
Vmware
Avaya
Information Exposure vulnerability in multiple products

The xfs implementation in the Linux kernel before 2.6.35 does not look up inode allocation btrees before reading inode buffers, which allows remote authenticated users to read unlinked files, or read or overwrite disk blocks that are currently assigned to an active file but were previously assigned to an unlinked file, by accessing a stale NFS filehandle.

8.1
2010-09-30 CVE-2010-2537 Linux
Canonical
Suse
The btrfs_ioctl_clone function in fs/btrfs/ioctl.c in the Linux kernel before 2.6.35 allows local users to overwrite an append-only file via a (1) BTRFS_IOC_CLONE or (2) BTRFS_IOC_CLONE_RANGE ioctl call that specifies this file as a donor.
7.1

2 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2010-09-30 CVE-2010-3079 Linux
Canonical
Suse
NULL Pointer Dereference vulnerability in multiple products

kernel/trace/ftrace.c in the Linux kernel before 2.6.35.5, when debugfs is enabled, does not properly handle interaction between mutex possession and llseek operations, which allows local users to cause a denial of service (NULL pointer dereference and outage of all function tracing files) via an lseek call on a file descriptor associated with the set_ftrace_filter file.

5.5
2010-09-30 CVE-2010-2538 Linux
Canonical
Suse
Information Exposure vulnerability in multiple products

Integer overflow in the btrfs_ioctl_clone function in fs/btrfs/ioctl.c in the Linux kernel before 2.6.35 might allow local users to obtain sensitive information via a BTRFS_IOC_CLONE_RANGE ioctl call.

5.5

0 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS