Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2010-1088

fs/namei.c in Linux kernel 2.6.18 through 2.6.34 does not always follow NFS automount "symlinks," which allows attackers to have an unknown impact, related to LOOKUP_FOLLOW.

Related bugs and status

CVE-2010-1088 (Candidate) is related to these bugs:

Bug #485556: inotify oops with wd == 4096

		In	Importance	Status
485556	inotify oops with wd == 4096	linux (Ubuntu)	Medium	Fix Released
485556	inotify oops with wd == 4096	Linux	Medium	Expired
485556	inotify oops with wd == 4096	linux (Ubuntu Hardy)	Undecided	Fix Released
485556	inotify oops with wd == 4096	linux (Ubuntu Intrepid)	Undecided	Won't Fix
485556	inotify oops with wd == 4096	linux (Ubuntu Lucid)	Medium	Fix Released
485556	inotify oops with wd == 4096	linux (Ubuntu Jaunty)	Undecided	Fix Released
485556	inotify oops with wd == 4096	linux (Ubuntu Dapper)	Undecided	Won't Fix
485556	inotify oops with wd == 4096	linux (Ubuntu Karmic)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

References

MLIST: [oss-security] 2010022...
CONFIRM: http://git.kernel.org/...
CONFIRM: https://bugzilla.redha...
SUSE: SUSE-SA:2010:019
SUSE: SUSE-SA:2010:023
BID: 39044
SECUNIA: 39742
MANDRIVA: MDVSA-2010:088
DEBIAN: DSA-2053
SECUNIA: 39830
MANDRIVA: MDVSA-2010:198
CONFIRM: http://www.vmware.com/...
SECUNIA: 43315
OVAL: oval:org.mitre.oval:de...
BUGTRAQ: 20110211 VMSA-2011-000...