SB2010041201 - Improper input validation in Linux kernel
Published: April 12, 2010
Security Bulletin ID
SB2010041201
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Remote access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Improper input validation (CVE-ID: CVE-2010-0741)
The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation error. A remote non-authenticated attacker can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- http://lists.gnu.org/archive/html/qemu-devel/2009-10/msg02495.html
- https://bugs.edge.launchpad.net/ubuntu/+source/qemu-kvm/+bug/458521
- http://www.redhat.com/support/errata/RHSA-2010-0271.html
- http://lists.gnu.org/archive/html/qemu-devel/2009-10/msg02480.html
- http://openwall.com/lists/oss-security/2010/03/29/4
- https://bugzilla.redhat.com/show_bug.cgi?id=577218
- http://www.vupen.com/english/advisories/2010/0760
- https://patchwork.kernel.org/patch/56479/
- http://securitytracker.com/id?1023798
- https://rhn.redhat.com/errata/RHSA-2010-0476.html
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11143
- http://git.kernel.org/?p=virt/kvm/qemu-kvm.git%3Ba=commit%3Bh=184bd0484533b725194fa517ddc271ffd74da7c9