Attacker Value

Unknown

(0 users assessed)

Exploitability

Unknown

(0 users assessed)

User Interaction

Unknown

Privileges Required

Unknown

Attack Vector

Unknown

0

CVE-2010-4249

Disclosure Date: November 29, 2010 •

MITRE ATT&CK

Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

The wait_for_unix_gc function in net/unix/garbage.c in the Linux kernel before 2.6.37-rc3-next-20101125 does not properly select times for garbage collection of inflight sockets, which allows local users to cause a denial of service (system hang) via crafted use of the socketpair and sendmsg system calls for SOCK_SEQPACKET sockets.

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

CVSS V3 Severity and Metrics

Data provided by the National Vulnerability Database (NVD)

Base Score:

None

Impact Score:

Unknown

Exploitability Score:

Unknown

Vector:

Attack Vector (AV):

Unknown

Attack Complexity (AC):

Unknown

Privileges Required (PR):

Unknown

User Interaction (UI):

Unknown

Scope (S):

Unknown

Confidentiality (C):

Unknown

Integrity (I):

Unknown

Availability (A):

Unknown

Vendors

Products

References

Canonical

CVE-2010-4249 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4249)

BID-45037 (http://www.securityfocus.com/bid/45037)

Advisory

SECUNIA-42354 (http://secunia.com/advisories/42354)

20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console (http://www.securityfocus.com/archive/1/520102/100/0/threaded)

SECUNIA-46397 (http://secunia.com/advisories/46397)

[oss-security] 20101124 Re: CVE request: kernel: unix socket local dos (http://www.openwall.com/lists/oss-security/2010/11/24/10)

FEDORA-2010-18983 (http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052513.html)

http://www.redhat.com/support/errata/RHSA-2011-0007.html

[oss-security] 20101124 CVE request: kernel: unix socket local dos (http://www.openwall.com/lists/oss-security/2010/11/24/2)

[linux-kernel] 20101123 Unix socket local DOS (OOM) (http://lkml.org/lkml/2010/11/23/395)

https://bugzilla.redhat.com/show_bug.cgi?id=656756

ADV-2010-3321 (http://www.vupen.com/english/advisories/2010/3321)

SECUNIA-42963 (http://secunia.com/advisories/42963)

[linux-kernel] 20101125 Simple kernel attack using socketpair. easy, 100% reproductiblle, works under guest. no way to protect :( (http://lkml.org/lkml/2010/11/25/8)

http://www.vmware.com/security/advisories/VMSA-2011-0012.html

[netdev] 20101124 [PATCH] af_unix: limit unix_tot_inflight (http://marc.info?l=linux-netdev&m=129059035929046&w=2)

SECUNIA-42890 (http://secunia.com/advisories/42890)

http://www.redhat.com/support/errata/RHSA-2011-0162.html

http://git.kernel.org?p=linux/kernel/git/davem/net-2.6.git;a=commit;h=9915672d41273f5b77f1b3c29b391ffb7732b84b

EXPLOIT-DB-15622 (http://www.exploit-db.com/exploits/15622)

ADV-2011-0168 (http://www.vupen.com/english/advisories/2011/0168)

SECUNIA-42745 (http://secunia.com/advisories/42745)

http://www.kernel.org/pub/linux/kernel/v2.6/next/patch-v2.6.37-rc3-next-20101125.bz2

[linux-kernel] 20101124 [PATCH net-next-2.6] scm: lower SCM_MAX_FD (http://lkml.org/lkml/2010/11/23/450)

Miscellaneous

http://git.kernel.org/?p=linux/kernel/git/davem/net-2.6.git%3Ba=commit%3Bh=9915672d41273f5b77f1b3c29b391ffb7732b84b

http://marc.info/?l=linux-netdev&m=129059035929046&w=2

http://www.exploit-db.com/exploits/15622/

Rapid7

Technical Analysis