Your submission was sent successfully! Close

CVE-2010-1188

Published: 31 March 2010

Use-after-free vulnerability in net/ipv4/tcp_input.c in the Linux kernel 2.6 before 2.6.20, when IPV6_RECVPKTINFO is set on a listening socket, allows remote attackers to cause a denial of service (kernel panic) via a SYN packet while the socket is in a listening (TCP_LISTEN) state, which is not properly handled and causes the skb structure to be freed.

Priority

Medium

Status

Package Release Status
linux
Launchpad, Ubuntu, Debian
dapper Does not exist

hardy Not vulnerable

intrepid Not vulnerable

jaunty Not vulnerable

karmic Not vulnerable

lucid Not vulnerable

upstream Not vulnerable

linux-source-2.6.15
Launchpad, Ubuntu, Debian
dapper
Released (2.6.15-55.84)
hardy Does not exist

intrepid Does not exist

jaunty Does not exist

karmic Does not exist

lucid Does not exist

upstream Not vulnerable