CVE-2010-0410

Publication date 22 February 2010

Last updated 24 July 2024

Ubuntu priority

drivers/connector/connector.c in the Linux kernel before 2.6.32.8 allows local users to cause a denial of service (memory consumption and system crash) by sending the kernel many NETLINK_CONNECTOR messages.

Read the notes from the security team

Status

Show unmaintained releases

No maintained releases are affected by this CVE.

Package	Ubuntu Release	Status
linux	9.10 karmic	Fixed 2.6.31-20.58
	9.04 jaunty	Fixed 2.6.28-18.60
	8.10 intrepid	Fixed 2.6.27-17.46
	8.04 LTS hardy	Fixed 2.6.24-27.68
	6.06 LTS dapper	Not in release
linux-source-2.6.15	9.10 karmic	Not in release
	9.04 jaunty	Not in release
	8.10 intrepid	Not in release
	8.04 LTS hardy	Not in release
	6.06 LTS dapper	Fixed 2.6.15-55.83

Notes

kees

we can avoid ABI bumps by not dropping the module parameters

Patch details

For informational purposes only. We recommend not to cherry-pick updates. How can I get the fixes?

Package	Patch details
linux	Upstream: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=f98bfbd78c37c5946cc53089da32a5f741efdeb7

CVE-2010-0410

Status

Notes

kees

Patch details

References

Related Ubuntu Security Notices (USN)

Other references