Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2010-4249

Опубликовано: 29 нояб. 2010
Источник: nvd
CVSS2: 4.9
EPSS Низкий

Описание

The wait_for_unix_gc function in net/unix/garbage.c in the Linux kernel before 2.6.37-rc3-next-20101125 does not properly select times for garbage collection of inflight sockets, which allows local users to cause a denial of service (system hang) via crafted use of the socketpair and sendmsg system calls for SOCK_SEQPACKET sockets.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Версия до 2.6.37 (исключая)
cpe:2.3:o:linux:linux_kernel:2.6.37:-:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.37:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.37:rc2:*:*:*:*:*:*
Конфигурация 2
cpe:2.3:o:fedoraproject:fedora:13:*:*:*:*:*:*:*

EPSS

Процентиль: 30%
0.00108
Низкий

4.9 Medium

CVSS2

Дефекты

CWE-400

Связанные уязвимости

ubuntu логотип

CVE-2010-4249

ubuntu
больше 14 лет назад

The wait_for_unix_gc function in net/unix/garbage.c in the Linux kernel before 2.6.37-rc3-next-20101125 does not properly select times for garbage collection of inflight sockets, which allows local users to cause a denial of service (system hang) via crafted use of the socketpair and sendmsg system calls for SOCK_SEQPACKET sockets.

redhat логотип

CVE-2010-4249

redhat
больше 14 лет назад

The wait_for_unix_gc function in net/unix/garbage.c in the Linux kernel before 2.6.37-rc3-next-20101125 does not properly select times for garbage collection of inflight sockets, which allows local users to cause a denial of service (system hang) via crafted use of the socketpair and sendmsg system calls for SOCK_SEQPACKET sockets.

debian логотип

CVE-2010-4249

debian
больше 14 лет назад

The wait_for_unix_gc function in net/unix/garbage.c in the Linux kerne ...

github логотип

GHSA-g6g8-jgp3-m382

github
около 3 лет назад

The wait_for_unix_gc function in net/unix/garbage.c in the Linux kernel before 2.6.37-rc3-next-20101125 does not properly select times for garbage collection of inflight sockets, which allows local users to cause a denial of service (system hang) via crafted use of the socketpair and sendmsg system calls for SOCK_SEQPACKET sockets.

oracle-oval логотип

ELSA-2011-2010

oracle-oval
больше 14 лет назад

ELSA-2011-2010: Oracle Linux 6 Unbreakable Enterprise kernel security fix update (IMPORTANT)

EPSS

Процентиль: 30%
0.00108
Низкий

4.9 Medium

CVSS2

Дефекты

CWE-400