4.9

CVE-2010-4165

Exploit
The do_tcp_setsockopt function in net/ipv4/tcp.c in the Linux kernel before 2.6.37-rc2 does not properly restrict TCP_MAXSEG (aka MSS) values, which allows local users to cause a denial of service (OOPS) via a setsockopt call that specifies a small value, leading to a divide-by-zero error or incorrect use of a signed integer.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version < 2.6.37
LinuxLinux Kernel Version2.6.37 Update-
LinuxLinux Kernel Version2.6.37 Updaterc1
OpensuseOpensuse Version11.2
OpensuseOpensuse Version11.3
SuseLinux Enterprise Desktop Version11 Updatesp1
SuseLinux Enterprise Real Time Extension Version11 Updatesp1
SuseLinux Enterprise Server Version11 Updatesp1
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.36% 0.68
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4.9 3.9 6.9
AV:L/AC:L/Au:N/C:N/I:N/A:C
CWE-369 Divide By Zero

The product divides a value by zero.

http://www.mandriva.com/security/advisories?name=MDVSA-2011:051
Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2011:029
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html
Third Party Advisory
Mailing List
http://www.vupen.com/english/advisories/2011/0298
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00000.html
Third Party Advisory
Mailing List
http://secunia.com/advisories/42778
Third Party Advisory
http://www.vupen.com/english/advisories/2011/0012
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00001.html
Third Party Advisory
Mailing List
http://secunia.com/advisories/42801
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00004.html
Third Party Advisory
Mailing List
http://secunia.com/advisories/42932
Third Party Advisory
http://www.vupen.com/english/advisories/2011/0124
Third Party Advisory
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=7a1abd08d52fdeddb3e9a5a33f2f15cc6a5674d2
http://securityreason.com/securityalert/8111
Third Party Advisory
Exploit
http://securityreason.com/securityalert/8123
Third Party Advisory
Exploit
http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.37-rc2
Broken Link
http://www.openwall.com/lists/oss-security/2010/11/12/1
Patch
Third Party Advisory
Mailing List
http://www.openwall.com/lists/oss-security/2010/11/12/4
Patch
Third Party Advisory
Mailing List
http://www.osvdb.org/69241
Broken Link
http://www.securityfocus.com/bid/44830
Third Party Advisory
VDB Entry
http://www.spinics.net/lists/netdev/msg146405.html
Patch
Third Party Advisory
Mailing List
http://www.spinics.net/lists/netdev/msg146495.html
Patch
Third Party Advisory
Mailing List
https://bugzilla.redhat.com/show_bug.cgi?id=652508
Patch
Third Party Advisory
Issue Tracking