CVE-2010-4242

Name of the Vulnerable Software and Affected Versions Linux kernel version 2.6.36 Linux kernel versions 2.6.9

Description The issue is related to the Linux kernel, specifically the HCI UART driver, where the hci uart tty open function does not verify whether the tty has a write operation. This allows local users to cause a denial of service via vectors related to the Bluetooth driver. Additionally, multiple vulnerabilities have been identified in various Linux kernel packages, including kernel-devel, kernel-doc, kernel-hugemem, kernel-largesmp, and kernel-smp, which can lead to confidentiality, integrity, and availability breaches. These vulnerabilities can be exploited remotely.

Recommendations For Linux kernel version 2.6.36, consider disabling the hci uart tty open function as a temporary workaround until a patch is available. For Linux kernel versions 2.6.9, restrict access to the vulnerable kernel packages to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.