CVE-2010-5332

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 2.6.37

Description The issue is related to an out of bounds array access in the Linux kernel, specifically in the drivers/net/mlx4/port.c file. This occurs when searching for a free entry in either the mlx4 register vlan() or mlx4 register mac() functions, and there is no free entry. As a result, the loop terminates without updating the local variable free, causing an out of array bounds access.

Recommendations For Linux kernel versions prior to 2.6.37, update to version 2.6.37 or later to resolve the issue. As a temporary workaround, consider restricting access to the vulnerable functions mlx4 register vlan() and mlx4 register mac() until a patch is available.