CVE-2010-4251

Published: 26 May 2011

The socket implementation in net/core/sock.c in the Linux kernel before 2.6.34 does not properly manage a backlog of received packets, which allows remote attackers to cause a denial of service (memory consumption) by sending a large amount of network traffic, as demonstrated by netperf UDP tests.

From the Ubuntu security team

Alex Shi and Eric Dumazet discovered that the network stack did not correctly handle packet backlogs. A remote attacker could exploit this by sending a large amount of network traffic to cause the system to run out of memory, leading to a denial of service.

Priority

CVSS 3 base score: 7.5

Status

Package	Release	Status
linux Launchpad, Ubuntu, Debian	Upstream	Released (2.6.34~rc2)






	Patches: Upstream: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=8eae939f1400326b06d0c9afe53d2a484a326871 Upstream: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=6b03a53a5ab7ccf2d5d69f96cf1c739c4d2a8fb9 Upstream: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=55349790d7cbf0d381873a7ece1dcafcffd4aaa9 Upstream: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=79545b681961d7001c1f4c3eb9ffb87bed4485db Upstream: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=50b1a782f845140f4138f14a1ce8a4a6dd0cc82f Upstream: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=53eecb1be5ae499d399d2923933937a9ea1a284f Upstream: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=2499849ee8f513e795b9f2c19a42d6356e4943a4 Upstream: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=a3a858ff18a72a8d388e31ab0d98f7e944841a62
linux-armadaxp Launchpad, Ubuntu, Debian	Upstream	Released (2.6.34~rc2)






linux-ec2 Launchpad, Ubuntu, Debian	Upstream	Released (2.6.34~rc2)






linux-fsl-imx51 Launchpad, Ubuntu, Debian	Upstream	Released (2.6.34~rc2)






linux-lts-backport-maverick Launchpad, Ubuntu, Debian	Upstream	Released (2.6.34~rc2)






linux-lts-backport-natty Launchpad, Ubuntu, Debian	Upstream	Released (2.6.34~rc2)






linux-lts-backport-oneiric Launchpad, Ubuntu, Debian	Upstream	Released (2.6.34~rc2)






linux-lts-quantal Launchpad, Ubuntu, Debian	Upstream	Released (2.6.34~rc2)






linux-lts-raring Launchpad, Ubuntu, Debian	Upstream	Released (2.6.34~rc2)






linux-mvl-dove Launchpad, Ubuntu, Debian	Upstream	Released (2.6.34~rc2)






linux-source-2.6.15 Launchpad, Ubuntu, Debian	Upstream	Released (2.6.34~rc2)






linux-ti-omap4 Launchpad, Ubuntu, Debian	Upstream	Released (2.6.34~rc2)

References

Join the discussion

Canonical is offering Extended Security Maintenance

Canonical is offering Ubuntu Extended Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›