CVE-2010-4251 - OpenCVE

The socket implementation in net/core/sock.c in the Linux kernel before 2.6.34 does not properly manage a backlog of received packets, which allows remote attackers to cause a denial of service (memory consumption) by sending a large amount of network traffic, as demonstrated by netperf UDP tests.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Complete

AV:N/AC:L/Au:N/C:N/I:N/A:C

Vendors & Products
CPE Configurations

Vendors	Products
Linux	Linux Kernel
Vmware	Esx
Redhat	Enterprise Linux

Configuration 1 [-]

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Configuration 2 [-]

OR	cpe:2.3:o:vmware:esx:4.0:::::::*
	cpe:2.3:o:vmware:esx:4.1:::::::*

Configuration 3 [-]

cpe:2.3:o:redhat:enterprise_linux:4.0:*:*:*:*:*:*:*

References

Link	Resource
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=8eae939f1400326b06d0c9afe53d2a484a326871
http://kerneltrap.org/mailarchive/linux-netdev/2010/3/3/6271093/thread	Broken Link
http://secunia.com/advisories/46397	Broken Link
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.34	Broken Link
http://www.securityfocus.com/archive/1/520102/100/0/threaded	Third Party Advisory VDB Entry
http://www.securityfocus.com/bid/46637	Third Party Advisory VDB Entry
http://www.vmware.com/security/advisories/VMSA-2011-0012.html	Patch Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=657303	Issue Tracking Patch Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: redhat

Published: 2011-05-26T16:00:00

Updated: 2018-10-10T18:57:01

Reserved: 2010-11-16T00:00:00

Link: CVE-2010-4251

JSON object: View

NVD Information

Status : Modified

Published: 2011-05-26T16:55:03.347

Modified: 2023-02-13T04:28:25.427

Link: CVE-2010-4251

JSON object: View

Redhat Information

No data.

CWE

CWE-400

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "6BA10979-D59C-4A33-ACC8-A110A5ACFF74", "versionEndExcluding": "2.6.34", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:vmware:esx:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "BC337BB7-9A45-4406-A783-851F279130EE", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esx:4.1:*:*:*:*:*:*:*", "matchCriteriaId": "0B6BA46F-4E8C-4B2A-AE92-81B9F1B4D56C", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "6172AF57-B26D-45F8-BE3A-F75ABDF28F49", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The socket implementation in net/core/sock.c in the Linux kernel before 2.6.34 does not properly manage a backlog of received packets, which allows remote attackers to cause a denial of service (memory consumption) by sending a large amount of network traffic, as demonstrated by netperf UDP tests."}, {"lang": "es", "value": "La implementaci\u00f3n del socket en net/core/sock.c en el kernel de Linux anterior a v2.6.34 no maneja correctamente un retraso de los paquetes recibidos, que permite a atacantes remotos provocar una denegaci\u00f3n de servicio (consumo de memoria) mediante el env\u00edo de una gran cantidad de la red tr\u00e1fico, como lo demuestran las pruebas netperf UDP."}], "id": "CVE-2010-4251", "lastModified": "2023-02-13T04:28:25.427", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2011-05-26T16:55:03.347", "references": [{"source": "secalert@redhat.com", "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=8eae939f1400326b06d0c9afe53d2a484a326871"}, {"source": "secalert@redhat.com", "tags": ["Broken Link"], "url": "http://kerneltrap.org/mailarchive/linux-netdev/2010/3/3/6271093/thread"}, {"source": "secalert@redhat.com", "tags": ["Broken Link"], "url": "http://secunia.com/advisories/46397"}, {"source": "secalert@redhat.com", "tags": ["Broken Link"], "url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.34"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/archive/1/520102/100/0/threaded"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/46637"}, {"source": "secalert@redhat.com", "tags": ["Patch", "Third Party Advisory"], "url": "http://www.vmware.com/security/advisories/VMSA-2011-0012.html"}, {"source": "secalert@redhat.com", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=657303"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-400"}], "source": "nvd@nist.gov", "type": "Primary"}]}