CVE-2010-3880 (retired)

Priority
Description
net/ipv4/inet_diag.c in the Linux kernel before 2.6.37-rc2 does not
properly audit INET_DIAG bytecode, which allows local users to cause a
denial of service (kernel infinite loop) via crafted INET_DIAG_REQ_BYTECODE
instructions in a netlink message that contains multiple attribute
elements, as demonstrated by INET_DIAG_BC_JMP instructions.
Ubuntu-Description
Nelson Elhage discovered that the Linux kernel IPv4 implementation did not
properly audit certain bytecodes in netlink messages. A local attacker
could exploit this to cause the kernel to hang, leading to a denial of
service.
Package
Upstream:released (2.6.37~rc2)
Package
Upstream:released (2.6.37~rc2)
Package
Upstream:released (2.6.37~rc2)
Package
Upstream:released (2.6.37~rc2)
Package
Upstream:released (2.6.37~rc2)
Package
Upstream:released (2.6.37~rc2)
Package
Upstream:released (2.6.37~rc2)
More Information

Updated: 2019-03-26 11:53:43 UTC (commit ccdecfcf0fead22bd291e5f4ea745a46872dcb15)