CVE-2010-4249 (retired)

Priority
Description
The wait_for_unix_gc function in net/unix/garbage.c in the Linux kernel
before 2.6.37-rc3-next-20101125 does not properly select times for garbage
collection of inflight sockets, which allows local users to cause a denial
of service (system hang) via crafted use of the socketpair and sendmsg
system calls for SOCK_SEQPACKET sockets.
Ubuntu-Description
Vegard Nossum discovered that memory garbage collection was not handled
correctly for active sockets. A local attacker could exploit this to
allocate all available kernel memory, leading to a denial of service.
Notes
 mdeslaur> PoC: http://www.exploit-db.com/exploits/15622/
 jdstrand> dapper_linux-source-2.6.15 was marked as pending, but not included
  in 2.6.15-57.94, marking back to 'needed'
Assigned-to
bradf
Package
Upstream:released (2.6.37~rc4)
Package
Upstream:released (2.6.37~rc4)
Package
Upstream:released (2.6.37~rc4)
Package
Upstream:released (2.6.37~rc4)
Package
Upstream:released (2.6.37~rc4)
Package
Upstream:released (2.6.37~rc4)
More Information

Updated: 2019-08-23 08:41:44 UTC (commit 436fd4ed4cf0038ddd382cb8649607ace163dda7)