CVE-2010-4526
11.01.2011, 03:00
Race condition in the sctp_icmp_proto_unreachable function in net/sctp/input.c in Linux kernel 2.6.11-rc2 through 2.6.33 allows remote attackers to cause a denial of service (panic) via an ICMP unreachable message to a socket that is already locked by a user, which causes the socket to be freed and triggers list corruption, related to the sctp_wait_for_connect function.
| Vendor | Product | Version |
|---|---|---|
| linux | linux_kernel | 2.6.11.1 ≤ 𝑥 ≤ 2.6.33 |
| linux | linux_kernel | 2.6.11:rc2 |
| linux | linux_kernel | 2.6.11:rc3 |
| linux | linux_kernel | 2.6.11:rc4 |
| linux | linux_kernel | 2.6.11:rc5 |
| redhat | enterprise_mrg | 1.0 |
| vmware | esx | 4.0 |
| vmware | esx | 4.1 |
𝑥
= Vulnerable software versions
Ubuntu Releases
Ubuntu Product | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| linux |
| ||||||||||||
| linux-ec2 |
| ||||||||||||
| linux-fsl-imx51 |
| ||||||||||||
| linux-lts-backport-maverick |
| ||||||||||||
| linux-lts-backport-natty |
| ||||||||||||
| linux-mvl-dove |
| ||||||||||||
| linux-source-2.6.15 |
| ||||||||||||
| linux-ti-omap4 |
|
References