kernel: multiple vulnerabilities

Package(s): kernel
CVE #(s): CVE-2010-4347 CVE-2010-4258 CVE-2010-4165 CVE-2010-4175 CVE-2010-4163
Created: January 3, 2011
Updated: August 9, 2011
Description: From the openSUSE advisory:

CVE-2010-4347: A local user could inject ACPI code into the kernel via the world-writable "custom_debug" file, allowing local privilege escalation.

CVE-2010-4258: A local attacker could use an Oops (kernel crash) caused by other flaws to write a 0 byte to an attacker-controlled address in the kernel. This could lead to privilege escalation together with other issues.

CVE-2010-4165: The do_tcp_setsockopt function in net/ipv4/tcp.c in the Linux kernel did not properly restrict TCP_MAXSEG (aka MSS) values, which allows local users to cause a denial of service (OOPS) via a setsockopt call that specifies a small value, leading to a divide-by-zero error or incorrect use of a signed integer.

CVE-2010-4175: A local attacker could cause memory overruns in the RDS protocol stack, potentially crashing the kernel. So far it is considered not to be exploitable.

CVE-2010-4163: By submitting certain I/O requests with 0 length, a local user could have caused a kernel panic.

Alerts:
Ubuntu USN-1204-1 2011-09-13
Ubuntu USN-1202-1 2011-09-13
Ubuntu USN-1187-1 2011-08-09
Ubuntu USN-1186-1 2011-08-09
Ubuntu USN-1167-1 2011-07-13
Ubuntu USN-1164-1 2011-07-06
SUSE SUSE-SA:2011:017 2011-04-18
openSUSE openSUSE-SU-2011:0346-1 2011-04-18
Ubuntu USN-1105-1 2011-04-05
Ubuntu USN-1111-1 2011-05-05
Ubuntu USN-1093-1 2011-03-25
Ubuntu USN-1092-1 2011-03-25
SUSE SUSE-SA:2011:015 2011-03-24
Ubuntu USN-1090-1 2011-03-18
Ubuntu USN-1089-1 2011-03-18
Mandriva MDVSA-2011:051 2011-03-18
Red Hat RHSA-2011:0330-01 2011-03-10
Ubuntu USN-1086-1 2011-03-08
Fedora FEDORA-2011-2134 2011-02-24
Ubuntu USN-1119-1 2011-04-20
SUSE SUSE-SA:2011:012 2011-03-08
Ubuntu USN-1083-1 2011-03-03
Ubuntu USN-1074-2 2011-02-28
Ubuntu USN-1074-1 2011-02-25
Ubuntu USN-1073-1 2011-02-25
Red Hat RHSA-2011:0283-01 2011-02-22
Mandriva MDVSA-2011:029 2011-02-17
SUSE SUSE-SA:2011:008 2011-02-11
Fedora FEDORA-2011-1138 2011-02-07
openSUSE openSUSE-SU-2011:0399-1 2011-04-28
SUSE SUSE-SA:2011:007 2011-02-07
Ubuntu USN-1054-1 2011-02-01
Debian DSA-2153-1 2011-01-30
CentOS CESA-2011:0162 2011-01-27
Red Hat RHSA-2011:0162-01 2011-01-18
SUSE SUSE-SA:2011:004 2011-01-14
Red Hat RHSA-2011:0007-01 2011-01-11
SUSE SUSE-SA:2011:005 2011-01-25
openSUSE openSUSE-SU-2011:0048-1 2011-01-19
openSUSE openSUSE-SU-2011:0003-1 2011-01-03
openSUSE openSUSE-SU-2011:0004-1 2011-01-03
Red Hat RHSA-2011:0017-01 2011-01-13
openSUSE openSUSE-SU-2013:0927-1 2013-06-10

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds