Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-nadw-stt8-53b3
Vulnerability ID VCID-nadw-stt8-53b3
Aliases CVE-2010-2240
Summary kernel: mm: keep a guard page below a grow-down stack segment
Status Published
Exploitability 0.5
Weighted Severity 6.5
Risk 3.2
Affected and Fixed Packages Package Details
Weaknesses (2)
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE-94 Improper Control of Generation of Code ('Code Injection')
System Score Found at
epss 0.00135 https://api.first.org/data/v1/epss?cve=CVE-2010-2240
epss 0.00135 https://api.first.org/data/v1/epss?cve=CVE-2010-2240
epss 0.00135 https://api.first.org/data/v1/epss?cve=CVE-2010-2240
epss 0.00135 https://api.first.org/data/v1/epss?cve=CVE-2010-2240
epss 0.00135 https://api.first.org/data/v1/epss?cve=CVE-2010-2240
epss 0.00135 https://api.first.org/data/v1/epss?cve=CVE-2010-2240
epss 0.00135 https://api.first.org/data/v1/epss?cve=CVE-2010-2240
epss 0.00135 https://api.first.org/data/v1/epss?cve=CVE-2010-2240
epss 0.00135 https://api.first.org/data/v1/epss?cve=CVE-2010-2240
epss 0.00135 https://api.first.org/data/v1/epss?cve=CVE-2010-2240
epss 0.00135 https://api.first.org/data/v1/epss?cve=CVE-2010-2240
epss 0.00135 https://api.first.org/data/v1/epss?cve=CVE-2010-2240
epss 0.00135 https://api.first.org/data/v1/epss?cve=CVE-2010-2240
epss 0.00135 https://api.first.org/data/v1/epss?cve=CVE-2010-2240
epss 0.00135 https://api.first.org/data/v1/epss?cve=CVE-2010-2240
cvssv2 7.2 https://nvd.nist.gov/vuln/detail/CVE-2010-2240
Reference id Reference type URL
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=320b2b8de12698082609ebbc1a17165727f4c893
http://lists.vmware.com/pipermail/security-announce/2011/000133.html
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2240.json
https://api.first.org/data/v1/epss?cve=CVE-2010-2240
http://securitytracker.com/id?1024344
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13247
https://rhn.redhat.com/errata/RHSA-2010-0661.html
http://www.debian.org/security/2010/dsa-2094
http://www.invisiblethingslab.com/resources/misc-2010/xorg-large-memory-attacks.pdf
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.52
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.32.19
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.34.4
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.35.2
http://www.mandriva.com/security/advisories?name=MDVSA-2010:172
http://www.mandriva.com/security/advisories?name=MDVSA-2010:198
http://www.mandriva.com/security/advisories?name=MDVSA-2011:051
http://www.redhat.com/support/errata/RHSA-2010-0660.html
http://www.redhat.com/support/errata/RHSA-2010-0670.html
http://www.redhat.com/support/errata/RHSA-2010-0882.html
http://www.securityfocus.com/archive/1/517739/100/0/threaded
http://www.vmware.com/security/advisories/VMSA-2011-0007.html
http://www.vmware.com/security/advisories/VMSA-2011-0009.html
606611 https://bugzilla.redhat.com/show_bug.cgi?id=606611
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.32:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:linux:linux_kernel:2.6.32:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.32.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:linux:linux_kernel:2.6.32.1:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.32.10:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:linux:linux_kernel:2.6.32.10:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.32.11:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:linux:linux_kernel:2.6.32.11:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.32.12:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:linux:linux_kernel:2.6.32.12:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.32.13:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:linux:linux_kernel:2.6.32.13:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.32.14:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:linux:linux_kernel:2.6.32.14:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.32.15:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:linux:linux_kernel:2.6.32.15:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.32.16:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:linux:linux_kernel:2.6.32.16:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.32.17:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:linux:linux_kernel:2.6.32.17:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.32.18:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:linux:linux_kernel:2.6.32.18:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.32.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:linux:linux_kernel:2.6.32.2:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.32.3:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:linux:linux_kernel:2.6.32.3:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.32.4:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:linux:linux_kernel:2.6.32.4:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.32.5:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:linux:linux_kernel:2.6.32.5:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.32.6:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:linux:linux_kernel:2.6.32.6:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.32.7:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:linux:linux_kernel:2.6.32.7:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.32.8:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:linux:linux_kernel:2.6.32.8:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.32.9:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:linux:linux_kernel:2.6.32.9:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.34.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:linux:linux_kernel:2.6.34.1:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.34.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:linux:linux_kernel:2.6.34.2:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.34.3:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:linux:linux_kernel:2.6.34.3:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.35.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:linux:linux_kernel:2.6.35.1:*:*:*:*:*:*:*
CVE-2010-2240 https://nvd.nist.gov/vuln/detail/CVE-2010-2240
RHSA-2010:0631 https://access.redhat.com/errata/RHSA-2010:0631
RHSA-2010:0660 https://access.redhat.com/errata/RHSA-2010:0660
RHSA-2010:0661 https://access.redhat.com/errata/RHSA-2010:0661
RHSA-2010:0670 https://access.redhat.com/errata/RHSA-2010:0670
RHSA-2010:0676 https://access.redhat.com/errata/RHSA-2010:0676
RHSA-2010:0677 https://access.redhat.com/errata/RHSA-2010:0677
RHSA-2010:0882 https://access.redhat.com/errata/RHSA-2010:0882
USN-1074-1 https://usn.ubuntu.com/1074-1/
USN-974-1 https://usn.ubuntu.com/974-1/
No exploits are available.
Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C Found at https://nvd.nist.gov/vuln/detail/CVE-2010-2240
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.33193
EPSS Score 0.00135
Published At April 1, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-04-01T14:57:06.788165+00:00 RedHat Importer Import https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2240.json 38.0.0