CVE-2010-3880 (retired)

Priority
Description
net/ipv4/inet_diag.c in the Linux kernel before 2.6.37-rc2 does not
properly audit INET_DIAG bytecode, which allows local users to cause a
denial of service (kernel infinite loop) via crafted INET_DIAG_REQ_BYTECODE
instructions in a netlink message that contains multiple attribute
elements, as demonstrated by INET_DIAG_BC_JMP instructions.
Ubuntu-Description
Nelson Elhage discovered that the Linux kernel IPv4 implementation did not
properly audit certain bytecodes in netlink messages. A local attacker
could exploit this to cause the kernel to hang, leading to a denial of
service.
Package
Upstream:released (2.6.37~rc2)
Package
Upstream:released (2.6.37~rc2)
Package
Upstream:released (2.6.37~rc2)
Package
Upstream:released (2.6.37~rc2)
Package
Upstream:released (2.6.37~rc2)
Package
Upstream:released (2.6.37~rc2)
Package
Upstream:released (2.6.37~rc2)
More Information

Updated: 2019-09-19 15:33:55 UTC (commit d32ebc32606b9517c6fa7d65a15441e2a57a6de5)