CVE-2010-4526

{"id": "CVE-2010-4526", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.1, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "MEDIUM", "availabilityImpact": "COMPLETE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 6.9, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2011-01-11T03:00:04.203", "references": [{"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=50b5d6ad63821cea324a5a7a19854d4de1a0a819", "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/42964", "tags": ["Broken Link"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/46397", "tags": ["Broken Link"], "source": "secalert@redhat.com"}, {"url": "http://www.openwall.com/lists/oss-security/2011/01/04/13", "tags": ["Mailing List", "Patch", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.openwall.com/lists/oss-security/2011/01/04/3", "tags": ["Mailing List", "Patch", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.redhat.com/support/errata/RHSA-2011-0163.html", "tags": ["Broken Link"], "source": "secalert@redhat.com"}, {"url": "http://www.securityfocus.com/archive/1/520102/100/0/threaded", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secalert@redhat.com"}, {"url": "http://www.securityfocus.com/bid/45661", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secalert@redhat.com"}, {"url": "http://www.vmware.com/security/advisories/VMSA-2011-0012.html", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.vupen.com/english/advisories/2011/0169", "tags": ["Broken Link"], "source": "secalert@redhat.com"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4526", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64616", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secalert@redhat.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-362"}]}], "descriptions": [{"lang": "en", "value": "Race condition in the sctp_icmp_proto_unreachable function in net/sctp/input.c in Linux kernel 2.6.11-rc2 through 2.6.33 allows remote attackers to cause a denial of service (panic) via an ICMP unreachable message to a socket that is already locked by a user, which causes the socket to be freed and triggers list corruption, related to the sctp_wait_for_connect function."}, {"lang": "es", "value": "Condici\u00f3n de carrera en el kernel de Linux 2.6.11-rc2 hasta 2.6.33. Permite a atacantes remotos provocar una denegaci\u00f3n de servicio (kernel panic) a trav\u00e9s de un mensaje no enrutable ICMP a un socket que ya se encuentra bloqueado por un usuario, lo que provoca que el socket sea liberado y una corrupci\u00f3n de lista. Relacionado con la funci\u00f3n sctp_wait_for_connect."}], "lastModified": "2023-02-13T04:28:57.707", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D1B2D05E-354E-4EBF-BC0D-2ABC8CCD36E6", "versionEndIncluding": "2.6.33", "versionStartIncluding": "2.6.11.1"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.11:rc2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2422569B-02ED-4028-83D8-D778657596B7"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.11:rc3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E66E4653-1A55-4827-888B-E0776E32ED28"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.11:rc4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6C8994CB-7F94-43FB-8B84-06AEBB34EAE0"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.11:rc5:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "95DD4647-564E-4067-A945-F52232C0A33A"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:redhat:enterprise_mrg:1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CB4E172C-4FBD-40AA-91F1-2858A74C5483"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:vmware:esx:4.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BC337BB7-9A45-4406-A783-851F279130EE"}, {"criteria": "cpe:2.3:o:vmware:esx:4.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0B6BA46F-4E8C-4B2A-AE92-81B9F1B4D56C"}], "operator": "OR"}]}], "sourceIdentifier": "secalert@redhat.com"}