Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2010-3880

Опубликовано: 10 дек. 2010
Источник: nvd
CVSS2: 4.9
EPSS Низкий

Описание

net/ipv4/inet_diag.c in the Linux kernel before 2.6.37-rc2 does not properly audit INET_DIAG bytecode, which allows local users to cause a denial of service (kernel infinite loop) via crafted INET_DIAG_REQ_BYTECODE instructions in a netlink message that contains multiple attribute elements, as demonstrated by INET_DIAG_BC_JMP instructions.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Версия до 2.6.37 (исключая)
cpe:2.3:o:linux:linux_kernel:2.6.37:-:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.37:rc1:*:*:*:*:*:*
Конфигурация 2
cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*

EPSS

Процентиль: 33%
0.00127
Низкий

4.9 Medium

CVSS2

Дефекты

CWE-835

Связанные уязвимости

ubuntu логотип

CVE-2010-3880

ubuntu
больше 14 лет назад

net/ipv4/inet_diag.c in the Linux kernel before 2.6.37-rc2 does not properly audit INET_DIAG bytecode, which allows local users to cause a denial of service (kernel infinite loop) via crafted INET_DIAG_REQ_BYTECODE instructions in a netlink message that contains multiple attribute elements, as demonstrated by INET_DIAG_BC_JMP instructions.

redhat логотип

CVE-2010-3880

redhat
больше 14 лет назад

net/ipv4/inet_diag.c in the Linux kernel before 2.6.37-rc2 does not properly audit INET_DIAG bytecode, which allows local users to cause a denial of service (kernel infinite loop) via crafted INET_DIAG_REQ_BYTECODE instructions in a netlink message that contains multiple attribute elements, as demonstrated by INET_DIAG_BC_JMP instructions.

debian логотип

CVE-2010-3880

debian
больше 14 лет назад

net/ipv4/inet_diag.c in the Linux kernel before 2.6.37-rc2 does not pr ...

github логотип

GHSA-mrx3-23h7-m29p

github
около 3 лет назад

net/ipv4/inet_diag.c in the Linux kernel before 2.6.37-rc2 does not properly audit INET_DIAG bytecode, which allows local users to cause a denial of service (kernel infinite loop) via crafted INET_DIAG_REQ_BYTECODE instructions in a netlink message that contains multiple attribute elements, as demonstrated by INET_DIAG_BC_JMP instructions.

oracle-oval логотип

ELSA-2011-0004

oracle-oval
больше 14 лет назад

ELSA-2011-0004: kernel security, bug fix, and enhancement update (IMPORTANT)

EPSS

Процентиль: 33%
0.00127
Низкий

4.9 Medium

CVSS2

Дефекты

CWE-835