CVE-2010-4249

MEDIUM

Description

The wait_for_unix_gc function in net/unix/garbage.c in the Linux kernel before 2.6.37-rc3-next-20101125 does not properly select times for garbage collection of inflight sockets, which allows local users to cause a denial of service (system hang) via crafted use of the socketpair and sendmsg system calls for SOCK_SEQPACKET sockets.

References

http://git.kernel.org/?p=linux/kernel/git/davem/net-2.6.git;a=commit;h=9915672d41273f5b77f1b3c29b391ffb7732b84b

http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052513.html

http://lkml.org/lkml/2010/11/23/395

http://lkml.org/lkml/2010/11/23/450

http://lkml.org/lkml/2010/11/25/8

http://marc.info/?l=linux-netdev&m=129059035929046&w=2

http://secunia.com/advisories/42354

http://secunia.com/advisories/42745

http://secunia.com/advisories/42890

http://secunia.com/advisories/42963

http://secunia.com/advisories/46397

http://www.exploit-db.com/exploits/15622/

http://www.kernel.org/pub/linux/kernel/v2.6/next/patch-v2.6.37-rc3-next-20101125.bz2

http://www.openwall.com/lists/oss-security/2010/11/24/10

http://www.openwall.com/lists/oss-security/2010/11/24/2

http://www.redhat.com/support/errata/RHSA-2011-0007.html

http://www.redhat.com/support/errata/RHSA-2011-0162.html

http://www.securityfocus.com/archive/1/520102/100/0/threaded

http://www.securityfocus.com/bid/45037

http://www.vmware.com/security/advisories/VMSA-2011-0012.html

http://www.vupen.com/english/advisories/2010/3321

http://www.vupen.com/english/advisories/2011/0168

https://bugzilla.redhat.com/show_bug.cgi?id=656756

Details

Source: MITRE

Published: 2010-11-29

Updated: 2020-08-14

Type: CWE-400

Risk Information

CVSS v2.0

Base Score: 4.9

Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C

Impact Score: 6.9

Exploitability Score: 3.9

Severity: MEDIUM

Vulnerable Software

ID	Name	Product	Family	Severity
89680	VMware ESX / ESXi Third-Party Libraries Multiple Vulnerabilities (VMSA-2011-0012) (remote check)	Nessus	Misc.	high
83603	SUSE SLES10 Security Update : kernel (SUSE-SU-2013:1832-1)	Nessus	SuSE Local Security Checks	high
79507	OracleVM 2.2 : kernel (OVMSA-2013-0039)	Nessus	OracleVM Local Security Checks	critical
74801	openSUSE Security Update : kernel (openSUSE-SU-2012:1439-1)	Nessus	SuSE Local Security Checks	critical
74658	openSUSE Security Update : Kernel (openSUSE-SU-2012:0799-1)	Nessus	SuSE Local Security Checks	critical
68414	Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2011-2010)	Nessus	Oracle Linux Local Security Checks	medium
68207	Oracle Linux 5 : kernel (ELSA-2011-0303)	Nessus	Oracle Linux Local Security Checks	medium
68182	Oracle Linux 4 : kernel (ELSA-2011-0162)	Nessus	Oracle Linux Local Security Checks	medium
68177	Oracle Linux 6 : kernel (ELSA-2011-0007)	Nessus	Oracle Linux Local Security Checks	high
65101	Ubuntu 10.04 LTS : linux-lts-backport-maverick vulnerabilities (USN-1083-1)	Nessus	Ubuntu Local Security Checks	critical
65103	Ubuntu 10.04 LTS / 10.10 : linux-mvl-dove vulnerabilities (USN-1093-1)	Nessus	Ubuntu Local Security Checks	high
60967	Scientific Linux Security Update : kernel on SL5.x i386/x86_64	Nessus	Scientific Linux Local Security Checks	medium
60938	Scientific Linux Security Update : kernel on SL4.x i386/x86_64	Nessus	Scientific Linux Local Security Checks	medium
59161	SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 7915)	Nessus	SuSE Local Security Checks	high
57659	SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 7918)	Nessus	SuSE Local Security Checks	high
56508	VMSA-2011-0012 : VMware ESXi and ESX updates to third-party libraries and ESX Service Console	Nessus	VMware ESX Local Security Checks	high
55784	Ubuntu 8.04 LTS : linux vulnerabilities (USN-1186-1)	Nessus	Ubuntu Local Security Checks	medium
55591	Ubuntu 11.04 : linux vulnerabilities (USN-1167-1)	Nessus	Ubuntu Local Security Checks	high
55077	USN-1119-1 : linux-ti-omap4 vulnerabilities	Nessus	Ubuntu Local Security Checks	high
55069	Ubuntu 6.06 LTS : linux-source-2.6.15 vulnerabilities (USN-1111-1)	Nessus	Ubuntu Local Security Checks	high
53422	CentOS 5 : kernel (CESA-2011:0303)	Nessus	CentOS Local Security Checks	medium
52488	RHEL 5 : kernel (RHSA-2011:0303)	Nessus	Red Hat Local Security Checks	medium
52476	Ubuntu 9.10 : linux, linux-ec2 vulnerabilities (USN-1073-1)	Nessus	Ubuntu Local Security Checks	high
51847	Ubuntu 10.04 LTS / 10.10 : linux, linux-ec2 vulnerabilities (USN-1054-1)	Nessus	Ubuntu Local Security Checks	high
51818	Debian DSA-2153-1 : linux-2.6 - privilege escalation/denial of service/information leak	Nessus	Debian Local Security Checks	high
51786	CentOS 4 : kernel (CESA-2011:0162)	Nessus	CentOS Local Security Checks	medium
51569	RHEL 4 : kernel (RHSA-2011:0162)	Nessus	Red Hat Local Security Checks	medium
51500	RHEL 6 : kernel (RHSA-2011:0007)	Nessus	Red Hat Local Security Checks	high
51374	Fedora 13 : kernel-2.6.34.7-66.fc13 (2010-18983)	Nessus	Fedora Local Security Checks	high
801505	CentOS RHSA-2011-0303 Security Check	Log Correlation Engine	Generic	high
801503	CentOS RHSA-2011-0162 Security Check	Log Correlation Engine	Generic	high

CVE-2010-4249

MEDIUM

Description

References

Details

Risk Information

CVSS v2.0

Vulnerable Software

Configuration 1

Configuration 2

Tenable Plugins

high

high

critical

critical

critical

medium

medium

medium

high

critical

high

medium

medium

high

high

high

medium

high

high

high

medium

medium

high

high

high

medium

medium

high

high

high

high