CVE-2010-0415
published 2010-02-17CVE-2010-0415: The do_pages_move function in mm/migrate.c in the Linux kernel before 2.6.33-rc7 does not validate node values, which allows local users to read arbitrary…
PriorityP426medium4.6CVSS 2.0
AVLACLAuNCPIPAP
EXPLOIT
EPSS
1.82%
76.0th percentile
The do_pages_move function in mm/migrate.c in the Linux kernel before 2.6.33-rc7 does not validate node values, which allows local users to read arbitrary kernel memory locations, cause a denial of service (OOPS), and possibly have unspecified other impact by specifying a node that is not part of the kernel's node set.
Affected
136 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| linux | linux_kernel | <= 2.6.33 | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
CVSS provenance
nvdv2.04.6MEDIUMAV:L/AC:L/Au:N/C:P/I:P/A:P
vendor_ubuntu4.7MEDIUM
vendor_redhat4.6MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
VulDB
Linux Kernel 2.6.23 do_pages_move denial of service (EDB-40810 / Nessus ID 83005)
vuldb·2026-04-30·CVSS 4.6
CVE-2010-0415 [MEDIUM] Linux Kernel 2.6.23 do_pages_move denial of service (EDB-40810 / Nessus ID 83005)
A vulnerability identified as problematic has been detected in Linux Kernel 2.6.23. Affected by this vulnerability is the function do_pages_move. This manipulation causes denial of service.
This vulnerability is registered as CVE-2010-0415. The attack needs to be launched locally. Furthermore, an exploit is available.
GHSA
GHSA-m7qq-m29p-m373: The do_pages_move function in mm/migrate
ghsa_unreviewed·2022-05-02
CVE-2010-0415 [MEDIUM] GHSA-m7qq-m29p-m373: The do_pages_move function in mm/migrate
The do_pages_move function in mm/migrate.c in the Linux kernel before 2.6.33-rc7 does not validate node values, which allows local users to read arbitrary kernel memory locations, cause a denial of service (OOPS), and possibly have unspecified other impact by specifying a node that is not part of the kernel's node set.
VMware
Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX
vendor_vmware·2011-02-10·CVSS 5.0
CVE-2008-0085 [MEDIUM] Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX
VMSA-2011-0003: Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX
Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX VMware Security Advisory VMware Security Advisory Advisory ID: VMware Security Advisory Synopsis: Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX VMware Security Advisory Issue date: VMware Security Advisory Updated on: VMware Security Advisory CVE numbers:
CVEs: CVE-2008-0085, CVE-2008-0086, CVE-2008-0106, CVE-2008-0107, CVE-2008-3825, CVE-2008-5416, CVE-2009-1384, CVE-2009-2693, CVE-2009-2901, CVE-2009-2902, CVE-2009-3548, CVE-2009-3555, CVE-2009-4308, CVE-2010-0003, CVE-2010-0007, CVE-2010-0008, CVE-2010-0082, CVE-2010-0084, CVE-2010-0085,
VMware
VMware ESX third party update for Service Console kernel
vendor_vmware·2010-11-29·CVSS 4.6
CVE-2010-0291 [MEDIUM] VMware ESX third party update for Service Console kernel
VMSA-2010-0017: VMware ESX third party update for Service Console kernel
a. Service Console OS update for COS kernel packag This patch updates the Service Console kernel to fix a stack pointer underflow issue in the 32-bit compatibility layer. Exploitation of this issue could allow a local user to gain additional privileges. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2010-3081 to this issue. Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available. VMware Product ============= Product version ======== Running on ======= Replace with/ Apply Patch ================= VMware Product ============= VirtualCenter Product version ======== any Running on ======= Windows Replac
Ubuntu
Linux kernel vulnerabilities
vendor_ubuntu·2010-03-17·CVSS 4.7
CVE-2010-0307 [MEDIUM] Linux kernel vulnerabilities
Title: Linux kernel vulnerabilities
Summary: Linux kernel vulnerabilities
Mathias Krause discovered that the Linux kernel did not correctly handle
missing ELF interpreters. A local attacker could exploit this to cause the
system to crash, leading to a denial of service. (CVE-2010-0307)
Marcelo Tosatti discovered that the Linux kernel's hardware virtualization
did not correctly handle reading the /dev/port special device. A local
attacker in a guest operating system could issue a specific read that
would cause the host system to crash, leading to a denial of service.
(CVE-2010-0309)
Sebastian Krahmer discovered that the Linux kernel did not correctly
handle netlink connector messages. A local attacker could exploit this
to consume kernel memory, leading to a denial of service. (CVE-2010
Red Hat
kernel: sys_move_pages infoleak
vendor_redhat·2010-02-05·CVSS 4.6
CVE-2010-0415 [MEDIUM] kernel: sys_move_pages infoleak
kernel: sys_move_pages infoleak
The do_pages_move function in mm/migrate.c in the Linux kernel before 2.6.33-rc7 does not validate node values, which allows local users to read arbitrary kernel memory locations, cause a denial of service (OOPS), and possibly have unspecified other impact by specifying a node that is not part of the kernel's node set.
Statement: This issue did not affect the versions of Linux kernel as shipped with Red Hat Enterprise Linux 3 and 4, as they do not include support for sys_move_pages. It was only introduced in kernel version 2.6.18 onwards. This issue was addressed in Red Hat Enterprise Linux 5 and Red Hat Enterprise MRG via https://rhn.redhat.com/errata/RHSA-2010-0147.html and https://rhn.redhat.com/errata/RHSA-2010-0161.html.
No detection rules found.
Exploit-DB
CubeCart PHP 4.3.x - 'shipkey' SQL Injection
exploitdb·2010-06-29·CVSS 7.5
CVE-2010-1931 [HIGH] CubeCart PHP 4.3.x - 'shipkey' SQL Injection
CubeCart PHP 4.3.x - 'shipkey' SQL Injection
---
SQL Injection in CubeCart PHP Free & Commercial Shopping Cart Application
1. *Advisory Information*
Title: SQL Injection in CubeCart PHP Free & Commercial Shopping Cart
Application
Advisory Id: CORE-2010-0415
Advisory URL:
[http://www.coresecurity.com/content/cubecart-php-shopping-cart-sql-injection]
Date published: 2010-06-08
Date of last update: 2010-06-08
Vendors contacted: CubeCart
Release mode: Coordinated release
2. *Vulnerability Information*
Class: SQL injection [CWE-89]
Impact: Code execution
Remotely Exploitable: Yes
Locally Exploitable: No
CVE Name: CVE-2010-1931
Bugtraq ID: N/A
3. *Vulnerability Description*
There is an SQL Injection[1] vulnerability in the CubeCart PHP
Shopping cart[2], this vulnerability may be explo
Exploit-DB
Linux Kernel 2.6.18 - 'move_pages()' Information Leak
exploitdb·2010-02-08
CVE-2010-0415 Linux Kernel 2.6.18 - 'move_pages()' Information Leak
Linux Kernel 2.6.18 - 'move_pages()' Information Leak
---
/* sieve (because the Linux kernel leaks like one, get it?)
Bug NOT discovered by Marcus Meissner of SuSE security
This bug was discovered by Ramon de Carvalho Valle in September of 2009
The bug was found via fuzzing, and on Sept 24th I was sent a POC DoS
for the bug (but had forgotten about it until now)
Ramon's report was sent to Novell's internal bugzilla, upon which
some months later Marcus took credit for discovering someone else's bug
Maybe he thought he could get away with it ;) Almost ;)
greets to pipacs, tavis (reciprocal greets!), cloudburst, and rcvalle!
first exploit of 2010, next one will be for a bugclass that has
afaik never been exploited on Linux before
note that this bug can also cause a DoS like so:
Unable t
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=6f5a55f1a6c5abee15a0e878e5c74d9f1569b8b0http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035070.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2010-February/035159.htmlhttp://lists.opensuse.org/opensuse-security-announce/2010-03/msg00000.htmlhttp://lists.opensuse.org/opensuse-security-announce/2010-03/msg00006.htmlhttp://secunia.com/advisories/38492http://secunia.com/advisories/38557http://secunia.com/advisories/38779http://secunia.com/advisories/38922http://secunia.com/advisories/39033http://secunia.com/advisories/43315http://www.debian.org/security/2010/dsa-1996http://www.debian.org/security/2010/dsa-2005http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.33-rc7http://www.mandriva.com/security/advisories?name=MDVSA-2010:066http://www.mandriva.com/security/advisories?name=MDVSA-2010:198http://www.openwall.com/lists/oss-security/2010/02/07/1http://www.openwall.com/lists/oss-security/2010/02/07/2http://www.openwall.com/lists/oss-security/2010/02/08/2http://www.redhat.com/support/errata/RHSA-2010-0147.htmlhttp://www.redhat.com/support/errata/RHSA-2010-0161.htmlhttp://www.securityfocus.com/archive/1/516397/100/0/threadedhttp://www.securityfocus.com/bid/38144http://www.ubuntu.com/usn/USN-914-1http://www.vmware.com/security/advisories/VMSA-2011-0003.htmlhttp://www.vupen.com/english/advisories/2010/0638https://bugzilla.redhat.com/show_bug.cgi?id=562582https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9399http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=6f5a55f1a6c5abee15a0e878e5c74d9f1569b8b0http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035070.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2010-February/035159.htmlhttp://lists.opensuse.org/opensuse-security-announce/2010-03/msg00000.htmlhttp://lists.opensuse.org/opensuse-security-announce/2010-03/msg00006.htmlhttp://secunia.com/advisories/38492http://secunia.com/advisories/38557http://secunia.com/advisories/38779http://secunia.com/advisories/38922http://secunia.com/advisories/39033http://secunia.com/advisories/43315http://www.debian.org/security/2010/dsa-1996http://www.debian.org/security/2010/dsa-2005http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.33-rc7http://www.mandriva.com/security/advisories?name=MDVSA-2010:066http://www.mandriva.com/security/advisories?name=MDVSA-2010:198http://www.openwall.com/lists/oss-security/2010/02/07/1http://www.openwall.com/lists/oss-security/2010/02/07/2http://www.openwall.com/lists/oss-security/2010/02/08/2http://www.redhat.com/support/errata/RHSA-2010-0147.htmlhttp://www.redhat.com/support/errata/RHSA-2010-0161.htmlhttp://www.securityfocus.com/archive/1/516397/100/0/threadedhttp://www.securityfocus.com/bid/38144http://www.ubuntu.com/usn/USN-914-1http://www.vmware.com/security/advisories/VMSA-2011-0003.htmlhttp://www.vupen.com/english/advisories/2010/0638https://bugzilla.redhat.com/show_bug.cgi?id=562582https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9399
2010-02-17
Published