SB2010033101 - Use-after-free in Linux kernel ipv4
Published: March 31, 2010
Security Bulletin ID
SB2010033101
Severity
Medium
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Remote access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Use-after-free (CVE-ID: CVE-2010-1188)
The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a use-after-free error within the tcp_rcv_state_process() function in net/ipv4/tcp_input.c. A remote non-authenticated attacker can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- http://git.kernel.org/linus/fb7e2399ec17f1004c0e0ccfd17439f8759ede01
- http://secunia.com/advisories/39652
- http://support.avaya.com/css/P8/documents/100090459
- http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.20
- http://www.openwall.com/lists/oss-security/2010/03/29/1
- http://www.redhat.com/support/errata/RHSA-2010-0380.html
- http://www.redhat.com/support/errata/RHSA-2010-0394.html
- http://www.redhat.com/support/errata/RHSA-2010-0424.html
- http://www.redhat.com/support/errata/RHSA-2010-0439.html
- http://www.redhat.com/support/errata/RHSA-2010-0882.html
- http://www.securityfocus.com/bid/39016
- http://www.securitytracker.com/id?1023992
- http://www.vmware.com/security/advisories/VMSA-2011-0009.html
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9878