CVE-2010-2248

Name of the Vulnerable Software and Affected Versions SUSE Linux Enterprise versions prior to 2.6.34-rc4 kernel-vmipae-debuginfo (affected versions not specified) kernel-kdumppae-debuginfo (affected versions not specified)

Description The issue is related to multiple vulnerabilities in the Linux kernel, specifically in the CIFS implementation, which can be exploited remotely to cause a denial of service, leading to disruption of protected information availability. The exploitation can be achieved through an SMB response packet with an invalid CountHigh value. This is related to the CIFSSMBWrite and CIFSSMBWrite2 functions.

Recommendations For SUSE Linux Enterprise versions prior to 2.6.34-rc4, update to version 2.6.34-rc4 or later to resolve the issue. For kernel-vmipae-debuginfo and kernel-kdumppae-debuginfo, at the moment, there is no information about a newer version that contains a fix for this vulnerability.