CVE-2010-4256
Published: 25 January 2011
The pipe_fcntl function in fs/pipe.c in the Linux kernel before 2.6.37 does not properly determine whether a file is a named pipe, which allows local users to cause a denial of service via an F_SETPIPE_SZ fcntl call.
From the Ubuntu security team
It was discovered that named pipes did not correctly handle certain fcntl calls. A local attacker could exploit this to crash the system, leading to a denial of service.
Priority
Low
Status
| Package | Release | Status |
|---|---|---|
|
linux Launchpad, Ubuntu, Debian |
Upstream |
Released
(2.6.37~rc4)
|
|
Patches: Upstream: http://git.kernel.org/linus/71993e62a47dabddf10302807d6aa260455503f4 Upstream: http://git.kernel.org/linus/c66fb347946ebdd5b10908866ecc9fa05ee2cf3d |
||
|
linux-ec2 Launchpad, Ubuntu, Debian |
Upstream |
Released
(2.6.37~rc4)
|
|
linux-fsl-imx51 Launchpad, Ubuntu, Debian |
Upstream |
Released
(2.6.37~rc4)
|
|
linux-lts-backport-maverick Launchpad, Ubuntu, Debian |
Upstream |
Released
(2.6.37~rc4)
|
|
linux-lts-backport-natty Launchpad, Ubuntu, Debian |
Upstream |
Released
(2.6.37~rc4)
|
|
linux-mvl-dove Launchpad, Ubuntu, Debian |
Upstream |
Released
(2.6.37~rc4)
|
|
linux-source-2.6.15 Launchpad, Ubuntu, Debian |
Upstream |
Released
(2.6.37~rc4)
|
|
linux-ti-omap4 Launchpad, Ubuntu, Debian |
Upstream |
Released
(2.6.37~rc4)
|