CVE-2010-4251

Priority
Description
The socket implementation in net/core/sock.c in the Linux kernel before
2.6.34 does not properly manage a backlog of received packets, which allows
remote attackers to cause a denial of service (memory consumption) by
sending a large amount of network traffic, as demonstrated by netperf UDP
tests.
Ubuntu-Description
Alex Shi and Eric Dumazet discovered that the network stack did not
correctly handle packet backlogs. A remote attacker could exploit this by
sending a large amount of network traffic to cause the system to run out of
memory, leading to a denial of service.
Notes
Package
Upstream:released (2.6.34~rc2)
Package
Upstream:released (2.6.34~rc2)
Package
Upstream:released (2.6.34~rc2)
Package
Upstream:released (2.6.34~rc2)
Package
Upstream:released (2.6.34~rc2)
Package
Upstream:released (2.6.34~rc2)
Package
Upstream:released (2.6.34~rc2)
Patches:
Package
Upstream:released (2.6.34~rc2)
Package
Upstream:released (2.6.34~rc2)
Package
Upstream:released (2.6.34~rc2)
Package
Upstream:released (2.6.34~rc2)
More Information

Updated: 2019-12-05 20:55:58 UTC (commit 0aa5e7c87c8b55d2ec5c7f4ca1179cf75de91961)