Описание
net/ipv4/inet_diag.c in the Linux kernel before 2.6.37-rc2 does not properly audit INET_DIAG bytecode, which allows local users to cause a denial of service (kernel infinite loop) via crafted INET_DIAG_REQ_BYTECODE instructions in a netlink message that contains multiple attribute elements, as demonstrated by INET_DIAG_BC_JMP instructions.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | not-affected | 2.6.39-0.0 |
| hardy | released | 2.6.24-28.86 |
| karmic | released | 2.6.31-22.73 |
| lucid | released | 2.6.32-29.58 |
| maverick | released | 2.6.35-27.47 |
| natty | released | 2.6.37-5.13 |
| upstream | released | 2.6.37~rc2 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | DNE | |
| hardy | DNE | |
| karmic | released | 2.6.31-307.27 |
| lucid | released | 2.6.32-313.26 |
| maverick | ignored | end of life |
| natty | DNE | |
| upstream | released | 2.6.37~rc2 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | DNE | |
| hardy | DNE | |
| karmic | released | 2.6.31-112.30 |
| lucid | released | 2.6.31-609.26 |
| maverick | DNE | |
| natty | DNE | |
| upstream | released | 2.6.37~rc2 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | DNE | |
| hardy | DNE | |
| karmic | DNE | |
| lucid | released | 2.6.35-28.50~lucid1 |
| maverick | DNE | |
| natty | DNE | |
| upstream | released | 2.6.37~rc2 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| hardy | DNE | |
| lucid | not-affected | 2.6.38-1.27~lucid1 |
| maverick | DNE | |
| natty | DNE | |
| upstream | released | 2.6.37~rc2 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | DNE | |
| hardy | DNE | |
| karmic | ignored | end of life |
| lucid | released | 2.6.32-215.31 |
| maverick | released | 2.6.32-415.32 |
| natty | DNE | |
| upstream | released | 2.6.37~rc2 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | released | 2.6.15-55.93 |
| devel | DNE | |
| hardy | DNE | |
| karmic | DNE | |
| lucid | DNE | |
| maverick | DNE | |
| natty | DNE | |
| upstream | released | 2.6.37~rc2 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | not-affected | 2.6.38-1309.13 |
| hardy | DNE | |
| karmic | DNE | |
| lucid | DNE | |
| maverick | released | 2.6.35-903.23 |
| natty | not-affected | 2.6.38-1201.2 |
| upstream | released | 2.6.37~rc2 |
Показывать по
Ссылки на источники
EPSS
4.9 Medium
CVSS2
Связанные уязвимости
net/ipv4/inet_diag.c in the Linux kernel before 2.6.37-rc2 does not properly audit INET_DIAG bytecode, which allows local users to cause a denial of service (kernel infinite loop) via crafted INET_DIAG_REQ_BYTECODE instructions in a netlink message that contains multiple attribute elements, as demonstrated by INET_DIAG_BC_JMP instructions.
net/ipv4/inet_diag.c in the Linux kernel before 2.6.37-rc2 does not properly audit INET_DIAG bytecode, which allows local users to cause a denial of service (kernel infinite loop) via crafted INET_DIAG_REQ_BYTECODE instructions in a netlink message that contains multiple attribute elements, as demonstrated by INET_DIAG_BC_JMP instructions.
net/ipv4/inet_diag.c in the Linux kernel before 2.6.37-rc2 does not pr ...
net/ipv4/inet_diag.c in the Linux kernel before 2.6.37-rc2 does not properly audit INET_DIAG bytecode, which allows local users to cause a denial of service (kernel infinite loop) via crafted INET_DIAG_REQ_BYTECODE instructions in a netlink message that contains multiple attribute elements, as demonstrated by INET_DIAG_BC_JMP instructions.
ELSA-2011-0004: kernel security, bug fix, and enhancement update (IMPORTANT)
EPSS
4.9 Medium
CVSS2