CVE-2010-0729 — Redhat Enterprise Linux vulnerability

CWE-2644 documents4 sources

Severity

6.9MEDIUMNVD

EPSS

0.0%

top 85.21%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Redhat Enterprise Linux

Timeline

PublishedMar 16

Latest updateMay 2

Description

A certain Red Hat patch for the Linux kernel in Red Hat Enterprise Linux (RHEL) 4 on the ia64 platform allows local users to use ptrace on an arbitrary process, and consequently gain privileges, via vectors related to a missing ptrace_check_attach call.

CVSS vector

AV:L/AC:M/C:C/I:C/A:CExploitability: 3.4 | Impact: 10.0

Affected Packages0 packages

Also affects: Enterprise Linux 4

🔴Vulnerability Details

GHSA

GHSA-j9v2-xqcm-89x8: A certain Red Hat patch for the Linux kernel in Red Hat Enterprise Linux (RHEL) 4 on the ia64 platform allows local users to use ptrace on an arbitrar↗2022-05-02

▶

📋Vendor Advisories

Red Hat

kernel: ia64: ptrace: peek_or_poke requests miss ptrace_check_attach()↗2010-02-22

▶

💬Community

Bugzilla

CVE-2010-0729 kernel: ia64: ptrace: peek_or_poke requests miss ptrace_check_attach()↗2010-03-10

▶