Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2010-4165
HistoryNov 22, 2010 - 12:00 a.m.

CVE-2010-4165

2010-11-2200:00:00
ubuntu.com
ubuntu.com
10

4.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

0.0004 Low

EPSS

Percentile

0.4%

JSON

The do_tcp_setsockopt function in net/ipv4/tcp.c in the Linux kernel before
2.6.37-rc2 does not properly restrict TCP_MAXSEG (aka MSS) values, which
allows local users to cause a denial of service (OOPS) via a setsockopt
call that specifies a small value, leading to a divide-by-zero error or
incorrect use of a signed integer.

Bugs

Notes

Author Note
mdeslaur introduced by http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=f5fff5dc8a7a3f395b0525c02ba92c95d42b7390
jdstrand commit introduced in 2008/09/21. Dapper not affected 2.6.15-57.94. Marking back to ‘needed’
OSVersionArchitecturePackageVersionFilename
ubuntu8.04noarchlinux< 2.6.24-29.92UNKNOWN
ubuntu9.10noarchlinux< 2.6.31-22.73UNKNOWN
ubuntu10.04noarchlinux< 2.6.32-28.52UNKNOWN
ubuntu10.10noarchlinux< 2.6.35-25.43UNKNOWN
ubuntu11.04noarchlinux< 2.6.37-5.13UNKNOWN
ubuntu9.10noarchlinux-ec2< 2.6.31-307.27UNKNOWN
ubuntu10.04noarchlinux-ec2< 2.6.32-312.24UNKNOWN
ubuntu9.10noarchlinux-fsl-imx51< 2.6.31-112.30UNKNOWN
ubuntu10.04noarchlinux-fsl-imx51< 2.6.31-608.22UNKNOWN
ubuntu10.04noarchlinux-lts-backport-maverick< 2.6.35-25.44~lucid1UNKNOWN
Rows per page:
1-10 of 131

Related

packetstorm 2
prion 1
seebug 5
exploitpack 2
veracode 1
cve 1
exploitdb 2
openvas 30
oraclelinux 2
nessus 16
redhat 2
securityvulns 2
ubuntu 8
fedora 3
suse 4
packetstorm
packetstorm
Linux Kernel 2.6 TCP_MAXSEG Denial Of Service
2011-03-10 00:00:00
Linux Kernel 2.6.37 Denial Of Service
2011-03-01 00:00:00
prion
prion
Design/Logic Flaw
2010-11-22 13:00:00
seebug
seebug
Linux Kernel &lt; 2.6.37-rc2 TCP_MAXSEG Kernel Panic DoS
2011-03-14 00:00:00
Linux Kernel < 2.6.37-rc2 TCP_MAXSEG Kernel Panic DoS
2014-07-01 00:00:00
Linux Kernel &lt;= 2.6.37 Local Kernel Denial of Service
2011-03-02 00:00:00
exploitpack
exploitpack
Linux Kernel 2.6.37-rc2 - TCP_MAXSEG Kernel Panic (Denial of Service) (2)
2011-03-10 00:00:00
Linux Kernel 2.6.37 - Local Kernel Denial of Service (1)
2011-03-02 00:00:00
veracode
veracode
Denial Of Service (DoS)
2020-04-10 00:58:27
cve
cve
CVE-2010-4165
2010-11-22 13:00:00
exploitdb
exploitdb
Linux Kernel &lt; 2.6.37-rc2 - &#039;TCP_MAXSEG&#039; Kernel Panic (Denial of Service) (2)
2011-03-10 00:00:00
Linux Kernel 2.6.37 - Local Kernel Denial of Service (1)
2011-03-02 00:00:00
openvas
openvas
RedHat Update for kernel RHSA-2011:0283-01
2012-07-09 00:00:00
Oracle: Security Advisory (ELSA-2011-0283)
2015-10-06 00:00:00
RedHat Update for kernel RHSA-2011:0283-01
2012-07-09 00:00:00
oraclelinux
oraclelinux
kernel security, bug fix, and enhancement update
2011-02-23 00:00:00
Oracle Linux 6 Unbreakable Enterprise kernel security fix update
2011-03-16 00:00:00
nessus
nessus
RHEL 6 : kernel (RHSA-2011:0283)
2011-02-23 00:00:00
Scientific Linux Security Update : kernel on SL6.x i386/x86_64
2012-08-01 00:00:00
Oracle Linux 6 : kernel (ELSA-2011-0283)
2013-07-12 00:00:00
redhat
redhat
(RHSA-2011:0283) Moderate: kernel security, bug fix, and enhancement update
2011-02-22 00:00:00
(RHSA-2011:0330) Important: kernel-rt security and bug fix update
2011-03-10 00:00:00
securityvulns
securityvulns
[USN-1054-1] Linux kernel vulnerabilities
2011-02-02 00:00:00
Linux kernel multiple security vulnerabilities
2011-02-02 00:00:00
ubuntu
ubuntu
Linux kernel vulnerabilities
2011-08-09 00:00:00
Linux kernel vulnerabilities
2011-02-01 00:00:00
Linux kernel vulnerabilities
2011-02-25 00:00:00
fedora
fedora
[SECURITY] Fedora 14 Update: kernel-2.6.35.11-83.fc14
2011-02-10 21:27:10
[SECURITY] Fedora 13 Update: kernel-2.6.34.8-68.fc13
2011-03-07 21:06:13
[SECURITY] Fedora 13 Update: kernel-2.6.34.9-69.fc13
2011-06-21 17:22:40
suse
suse
local privilege escalation in kernel
2011-01-14 16:35:40
potential local privilege escalation in kernel
2011-01-03 15:33:25
local privilege escalation, remote denial of in kernel
2011-01-03 15:33:10

4.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

0.0004 Low

EPSS

Percentile

0.4%

JSON
Related for UB:CVE-2010-4165
packetstorm2prion1seebug5exploitpack2veracode1cve1exploitdb2openvas30oraclelinux2nessus16redhat2securityvulns2ubuntu8fedora3suse4