[email protected]CVE-2010-4161

HistoryDec 30, 2010 - 7:00 p.m.

CVE-2010-4161

2010-12-3019:00:00

CWE-399

[email protected]

web.nvd.nist.gov

cve-2010-4161

red hat

linux kernel

denial of service

udp

socket filter

nvd

5.9 Medium

AI Score

Confidence

High

4.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

0.001 Low

EPSS

Percentile

41.4%

JSON

The udp_queue_rcv_skb function in net/ipv4/udp.c in a certain Red Hat build of the Linux kernel 2.6.18 in Red Hat Enterprise Linux (RHEL) 5 allows attackers to cause a denial of service (deadlock and system hang) by sending UDP traffic to a socket that has a crafted socket filter, a related issue to CVE-2010-4158.

CPENameOperatorVersion
linux:linux_kernellinux linux kerneleq2.6.18
redhat:enterprise_linuxredhat enterprise linuxeq5

CPE	Name	Operator	Version
linux:linux_kernel	linux linux kernel	eq	2.6.18
redhat:enterprise_linux	redhat enterprise linux	eq	5

References

secunia.com/advisories/42789

secunia.com/advisories/46397

www.redhat.com/support/errata/RHSA-2011-0004.html

www.securityfocus.com/archive/1/514845

www.securityfocus.com/archive/1/520102/100/0/threaded

www.spinics.net/lists/netdev/msg146404.html

www.vmware.com/security/advisories/VMSA-2011-0012.html

www.vupen.com/english/advisories/2011/0024

bugzilla.redhat.com/show_bug.cgi?id=651698

bugzilla.redhat.com/show_bug.cgi?id=652534

exchange.xforce.ibmcloud.com/vulnerabilities/64497

5.9 Medium

AI Score

Confidence

High

4.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

0.001 Low

EPSS

Percentile

41.4%

JSON

Related for CVE-2010-4161

prion2 ubuntucve2 seebug2 veracode2 cve1 ubuntu9 openvas54 nessus36 centos2 redhat5 oraclelinux5 securityvulns4 vmware2 suse6 debian1 osv1 fedora3