PT-2011-1489 · Linux · Linux Kernel
Eugene Teo
·
Published
2011-01-25
·
Updated
2023-02-13
·
CVE-2010-4256
CVSS v2.0
2.1
Low
| Vector | AV:L/AC:L/Au:N/C:N/I:N/A:P |
Name of the Vulnerable Software and Affected Versions
Linux kernel versions prior to 2.6.37
Description
The issue is related to the pipe fcntl function in fs/pipe.c, which does not properly determine whether a file is a named pipe. This allows local users to cause a denial of service via an F SETPIPE SZ fcntl call.
Recommendations
For Linux kernel versions prior to 2.6.37, update to version 2.6.37 or later to resolve the issue.
Fix
RCE
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Linux Kernel