CVE-2010-4251 in Ubuntu

CVE-2010-4251

Priority

Medium

Description

The socket implementation in net/core/sock.c in the Linux kernel before
2.6.34 does not properly manage a backlog of received packets, which allows
remote attackers to cause a denial of service (memory consumption) by
sending a large amount of network traffic, as demonstrated by netperf UDP
tests.

Ubuntu-Description

Alex Shi and Eric Dumazet discovered that the network stack did not
correctly handle packet backlogs. A remote attacker could exploit this by
sending a large amount of network traffic to cause the system to run out of
memory, leading to a denial of service.

References

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4251
http://www.ubuntu.com/usn/usn-1204-1
http://www.ubuntu.com/usn/usn-1203-1
http://www.ubuntu.com/usn/usn-1208-1
http://www.ubuntu.com/usn/usn-1216-1
http://www.ubuntu.com/usn/usn-1218-1

Package

Source: linux-armadaxp (LP Ubuntu Debian)

Upstream:	released (2.6.34~rc2)
Ubuntu 10.04 LTS (Lucid Lynx):	DNE
Ubuntu 12.04 LTS (Precise Pangolin):	not-affected (3.2.0-1600.1)
Ubuntu 12.10 (Quantal Quetzal):	not-affected (3.2.0-1602.5)
Ubuntu 13.04 (Raring Ringtail):	DNE
Ubuntu 13.10 (Saucy Salamander):	DNE

Package

Source: linux-source-2.6.15 (LP Ubuntu Debian)

Upstream:	released (2.6.34~rc2)
Ubuntu 10.04 LTS (Lucid Lynx):	DNE
Ubuntu 12.04 LTS (Precise Pangolin):	DNE
Ubuntu 12.10 (Quantal Quetzal):	DNE
Ubuntu 13.04 (Raring Ringtail):	DNE
Ubuntu 13.10 (Saucy Salamander):	DNE

Package

Source: linux-ec2 (LP Ubuntu Debian)

Upstream:	released (2.6.34~rc2)
Ubuntu 10.04 LTS (Lucid Lynx):	released (2.6.32-318.37)
Ubuntu 12.04 LTS (Precise Pangolin):	DNE
Ubuntu 12.10 (Quantal Quetzal):	DNE
Ubuntu 13.04 (Raring Ringtail):	DNE
Ubuntu 13.10 (Saucy Salamander):	DNE

Package

Source: linux-lts-backport-oneiric (LP Ubuntu Debian)

Upstream:	released (2.6.34~rc2)
Ubuntu 10.04 LTS (Lucid Lynx):	not-affected
Ubuntu 12.04 LTS (Precise Pangolin):	DNE
Ubuntu 12.10 (Quantal Quetzal):	DNE
Ubuntu 13.04 (Raring Ringtail):	DNE
Ubuntu 13.10 (Saucy Salamander):	DNE

Package

Source: linux-lts-backport-natty (LP Ubuntu Debian)

Upstream:	released (2.6.34~rc2)
Ubuntu 10.04 LTS (Lucid Lynx):	not-affected (2.6.38-1.27~lucid1)
Ubuntu 12.04 LTS (Precise Pangolin):	DNE
Ubuntu 12.10 (Quantal Quetzal):	DNE
Ubuntu 13.04 (Raring Ringtail):	DNE
Ubuntu 13.10 (Saucy Salamander):	DNE

Package

Source: linux-lts-quantal (LP Ubuntu Debian)

Upstream:	DNE
Ubuntu 10.04 LTS (Lucid Lynx):	DNE
Ubuntu 12.04 LTS (Precise Pangolin):	not-affected
Ubuntu 12.10 (Quantal Quetzal):	DNE
Ubuntu 13.04 (Raring Ringtail):	DNE
Ubuntu 13.10 (Saucy Salamander):	DNE

Patches:

Package

Source: linux-mvl-dove (LP Ubuntu Debian)

Upstream:	released (2.6.34~rc2)
Ubuntu 10.04 LTS (Lucid Lynx):	released (2.6.32-218.35)
Ubuntu 12.04 LTS (Precise Pangolin):	DNE
Ubuntu 12.10 (Quantal Quetzal):	DNE
Ubuntu 13.04 (Raring Ringtail):	DNE
Ubuntu 13.10 (Saucy Salamander):	DNE

Package

Source: linux-lts-backport-maverick (LP Ubuntu Debian)

Upstream:	released (2.6.34~rc2)
Ubuntu 10.04 LTS (Lucid Lynx):	not-affected (2.6.35-1.1~lucid1)
Ubuntu 12.04 LTS (Precise Pangolin):	DNE
Ubuntu 12.10 (Quantal Quetzal):	DNE
Ubuntu 13.04 (Raring Ringtail):	DNE
Ubuntu 13.10 (Saucy Salamander):	DNE

Package

Source: linux (LP Ubuntu Debian)

Upstream:	released (2.6.34~rc2)
Ubuntu 10.04 LTS (Lucid Lynx):	released (2.6.32-34.73)
Ubuntu 12.04 LTS (Precise Pangolin):	not-affected (2.6.39-0.0)
Ubuntu 12.10 (Quantal Quetzal):	not-affected (2.6.39-0.0)
Ubuntu 13.04 (Raring Ringtail):	not-affected (2.6.39-0.0)
Ubuntu 13.10 (Saucy Salamander):	not-affected (2.6.39-0.0)

Patches:

Upstream:	http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=8eae939f1400326b06d0c9afe53d2a484a326871
Upstream:	http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=6b03a53a5ab7ccf2d5d69f96cf1c739c4d2a8fb9
Upstream:	http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=55349790d7cbf0d381873a7ece1dcafcffd4aaa9
Upstream:	http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=79545b681961d7001c1f4c3eb9ffb87bed4485db
Upstream:	http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=50b1a782f845140f4138f14a1ce8a4a6dd0cc82f
Upstream:	http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=53eecb1be5ae499d399d2923933937a9ea1a284f
Upstream:	http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=2499849ee8f513e795b9f2c19a42d6356e4943a4
Upstream:	http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=a3a858ff18a72a8d388e31ab0d98f7e944841a62

Package

Source: linux-ti-omap4 (LP Ubuntu Debian)

Upstream:	released (2.6.34~rc2)
Ubuntu 10.04 LTS (Lucid Lynx):	DNE
Ubuntu 12.04 LTS (Precise Pangolin):	not-affected (2.6.38-1309.13)
Ubuntu 12.10 (Quantal Quetzal):	not-affected (2.6.38-1309.13)
Ubuntu 13.04 (Raring Ringtail):	not-affected (2.6.38-1309.13)
Ubuntu 13.10 (Saucy Salamander):	not-affected (2.6.38-1309.13)

Package

Source: linux-fsl-imx51 (LP Ubuntu Debian)

Upstream:	released (2.6.34~rc2)
Ubuntu 10.04 LTS (Lucid Lynx):	released (2.6.31-610.27)
Ubuntu 12.04 LTS (Precise Pangolin):	DNE
Ubuntu 12.10 (Quantal Quetzal):	DNE
Ubuntu 13.04 (Raring Ringtail):	DNE
Ubuntu 13.10 (Saucy Salamander):	DNE

Package

Source: linux-lts-raring (LP Ubuntu Debian)

Upstream:	released (2.6.34~rc2)
Ubuntu 10.04 LTS (Lucid Lynx):	DNE
Ubuntu 12.04 LTS (Precise Pangolin):	not-affected
Ubuntu 12.10 (Quantal Quetzal):	DNE
Ubuntu 13.04 (Raring Ringtail):	DNE
Ubuntu 13.10 (Saucy Salamander):	DNE

More Information

Updated: 2013-05-10 19:14:56 UTC (commit 6828)