CVE-2010-2492

CVE Database · CVE-2010-2492

CVE-2010-2492

· HIGHModified

CVSS v3.1

7.8

EPSS

0.43%

Published

Sep 8, 2010

Modified

Apr 28, 2026

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Buffer overflow in the ecryptfs_uid_hash macro in fs/ecryptfs/messaging.c in the eCryptfs subsystem in the Linux kernel before 2.6.35 might allow local users to gain privileges or cause a denial of service (system crash) via unspecified vectors.

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Weaknesses (CWE)

CWE-120

Affected Products (22)

linux · linux_kernel (up to 2.6.35)vulnerable

vmware · esxvulnerable

avaya · aura_communication_managervulnerable

avaya · aura_presence_servicesvulnerable

avaya · aura_session_managervulnerable

References (20)

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=a6f80fb7b5986fda663d94079d3bba0937a6b6ff

http://secunia.com/advisories/42890

Broken Link

http://secunia.com/advisories/46397

Broken Link

http://support.avaya.com/css/P8/documents/100113326

Third Party Advisory

http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.35

Broken Link

http://www.mandriva.com/security/advisories?name=MDVSA-2010:172

Broken Link

http://www.mandriva.com/security/advisories?name=MDVSA-2010:198

Broken Link

KEV Catalog EPSS Scores Vendors All CVEs