5

CVE-2010-3873

The X.25 implementation in the Linux kernel before 2.6.36.2 does not properly parse facilities, which allows remote attackers to cause a denial of service (heap memory corruption and panic) or possibly have unspecified other impact via malformed (1) X25_FAC_CALLING_AE or (2) X25_FAC_CALLED_AE data, related to net/x25/x25_facilities.c and net/x25/x25_in.c, a different vulnerability than CVE-2010-4164.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version < 2.6.36.2
OpensuseOpensuse Version11.4
DebianDebian Linux Version5.0
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 3.74% 0.884
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:N/I:N/A:P
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

http://www.mandriva.com/security/advisories?name=MDVSA-2011:029
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00002.html
Third Party Advisory
Mailing List
http://secunia.com/advisories/43291
Third Party Advisory
http://www.debian.org/security/2010/dsa-2126
Third Party Advisory
http://www.vupen.com/english/advisories/2011/0375
Third Party Advisory
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.36.2
Broken Link
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=a6331d6f9a4298173b413cf99a40cc86a9d92c37
http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00005.html
Third Party Advisory
Mailing List
http://openwall.com/lists/oss-security/2010/11/03/2
Third Party Advisory
Mailing List
http://openwall.com/lists/oss-security/2010/11/04/3
Third Party Advisory
Mailing List
http://www.spinics.net/lists/netdev/msg145786.html
Patch
Third Party Advisory
Mailing List
http://www.spinics.net/lists/netdev/msg145873.html
Patch
Third Party Advisory
Mailing List
https://bugzilla.redhat.com/show_bug.cgi?id=649693
Patch
Third Party Advisory
Issue Tracking