PublicDateAtUSN: 2011-01-10
Candidate: CVE-2010-4526
PublicDate: 2011-01-11 03:00:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4526
 https://ubuntu.com/security/notices/USN-1080-1
 https://ubuntu.com/security/notices/USN-1080-2
 https://ubuntu.com/security/notices/USN-1093-1
 https://ubuntu.com/security/notices/USN-1170-1
 https://ubuntu.com/security/notices/USN-1204-1
Description:
 Race condition in the sctp_icmp_proto_unreachable function in
 net/sctp/input.c in Linux kernel 2.6.11-rc2 through 2.6.33 allows remote
 attackers to cause a denial of service (panic) via an ICMP unreachable
 message to a socket that is already locked by a user, which causes the
 socket to be freed and triggers list corruption, related to the
 sctp_wait_for_connect function.
Ubuntu-Description:
 It was discovered that the ICMP stack did not correctly handle certain
 unreachable messages. If a remote attacker were able to acquire a socket
 lock, they could send specially crafted traffic that would crash the
 system, leading to a denial of service.
Notes:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS: 

Patches_linux-source-2.6.15:
upstream_linux-source-2.6.15: released (2.6.34)
dapper_linux-source-2.6.15: ignored
hardy_linux-source-2.6.15: DNE
karmic_linux-source-2.6.15: DNE
lucid_linux-source-2.6.15: DNE
maverick_linux-source-2.6.15: DNE
natty_linux-source-2.6.15: DNE
devel_linux-source-2.6.15: DNE

Patches_linux:
 upstream: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=50b5d6ad63821cea324a5a7a19854d4de1a0a819
upstream_linux: released (2.6.34)
dapper_linux: DNE
hardy_linux: released (2.6.24-29.91)
karmic_linux: ignored
lucid_linux: released (2.6.32-29.57)
maverick_linux: not-affected (2.6.35-1.1)
natty_linux: not-affected (2.6.37-2.9)
devel_linux: not-affected (2.6.39-0.0)

upstream_linux-ec2: released (2.6.34)
dapper_linux-ec2: DNE
hardy_linux-ec2: DNE
karmic_linux-ec2: ignored (reached end-of-life)
lucid_linux-ec2: released (2.6.32-313.25)
maverick_linux-ec2: ignored (binary supplied by "linux" now)
natty_linux-ec2: DNE
devel_linux-ec2: DNE

Patches_linux-ti-omap4:
upstream_linux-ti-omap4: released (2.6.34)
dapper_linux-ti-omap4: DNE
hardy_linux-ti-omap4: DNE
karmic_linux-ti-omap4: DNE
lucid_linux-ti-omap4: DNE
maverick_linux-ti-omap4: not-affected (2.6.35-903.8)
natty_linux-ti-omap4: not-affected (2.6.38-1201.2)
devel_linux-ti-omap4: not-affected (2.6.38-1309.13)

upstream_linux-lts-backport-maverick: released (2.6.34)
dapper_linux-lts-backport-maverick: DNE
hardy_linux-lts-backport-maverick: DNE
karmic_linux-lts-backport-maverick: DNE
lucid_linux-lts-backport-maverick: not-affected (2.6.35-1.1~lucid1)
maverick_linux-lts-backport-maverick: DNE
natty_linux-lts-backport-maverick: DNE
devel_linux-lts-backport-maverick: DNE

Patches_linux-mvl-dove:
upstream_linux-mvl-dove: released (2.6.34)
dapper_linux-mvl-dove: DNE
hardy_linux-mvl-dove: DNE
karmic_linux-mvl-dove: ignored (abandonded branch)
lucid_linux-mvl-dove: released (2.6.32-214.30)
maverick_linux-mvl-dove: released (2.6.32-414.30)
natty_linux-mvl-dove: DNE
devel_linux-mvl-dove: DNE

Patches_linux-fsl-imx51:
upstream_linux-fsl-imx51: released (2.6.34)
dapper_linux-fsl-imx51: DNE
hardy_linux-fsl-imx51: DNE
karmic_linux-fsl-imx51: ignored (reached end-of-life)
lucid_linux-fsl-imx51: released (2.6.31-610.27)
maverick_linux-fsl-imx51: DNE
natty_linux-fsl-imx51: DNE
devel_linux-fsl-imx51: DNE

Patches_linux-lts-backport-natty:
upstream_linux-lts-backport-natty: released (2.6.34)
hardy_linux-lts-backport-natty: DNE
lucid_linux-lts-backport-natty: not-affected (2.6.38-1.27~lucid1)
maverick_linux-lts-backport-natty: DNE
natty_linux-lts-backport-natty: DNE
devel_linux-lts-backport-natty: DNE