PT-2010-1056 · Centos+3
Vegard Nossum · Published 2010-11-29 · Updated 2023-02-13 · CVE-2010-4249
CVSS v2.0
10
High
| Vector | AV:N/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Linux kernel versions 2.6.9
Red Hat Enterprise Linux kernel versions 2.6.9
CentOS kernel versions 2.6.9
Description
The issue affects the Linux kernel and can lead to a disruption of confidentiality, integrity, and availability of protected information. Exploitation of the vulnerabilities can be done remotely. The `wait_for_unix_gc` function in `net/unix/garbage.c` does not properly select times for garbage collection of inflight sockets, allowing local users to cause a denial of service via crafted use of the `socketpair` and `sendmsg` system calls for `SOCK_SEQPACKET` sockets.
Recommendations
For Linux kernel version 2.6.9, update to a version after 2.6.37-rc3-next-20101125.
For Red Hat Enterprise Linux kernel version 2.6.9, update to a version after 2.6.37-rc3-next-20101125.
For CentOS kernel version 2.6.9, update to a version after 2.6.37-rc3-next-20101125.
As a temporary workaround, consider restricting access to the vulnerable kernel functions until a patch is available.
Exploit
Fix
DoS
Memory Corruption
Resource Exhaustion
Related identifiers
Affected products
Centos
Linux Kernel
Red Hat
Suse