PT-2011-1589 · Linux+1 · Linux Kernel+1

Published: 2011-01-11 · Updated: 2023-02-13 · CVE-2010-4526

CVSS v2.0: 7.1 (High)

Vector: AV:N/AC:M/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions

Linux kernel versions 2.6.11-rc2 through 2.6.33

Description

The issue is a race condition in the sctp_icmp_proto_unreachable function. It can be triggered by sending an ICMP unreachable message to a socket that is already locked by a user. This can cause the socket to be freed and result in list corruption, leading to a denial of service (panic). The issue is also related to the sctp_wait_for_connect function.

Recommendations

For Linux kernel versions 2.6.11-rc2 through 2.6.33, consider upgrading to a version that contains a fix for this issue. The exact fixed version is not specified in the provided information, and at the moment there is no information about a newer version that contains a fix for this vulnerability.

DoS

Race Condition

Weakness Enumeration

Related Identifiers

CVE-2010-4526
DSA-2153-1
RHSA-2011:0163
RHSA-2011:0421
RHSA-2011:1253
RHSA-2011_0163
RHSA-2011_0421

Affected Products

Linux Kernel
Red Hat