CVE-2010-4256

Published: 25 January 2011

The pipe_fcntl function in fs/pipe.c in the Linux kernel before 2.6.37 does not properly determine whether a file is a named pipe, which allows local users to cause a denial of service via an F_SETPIPE_SZ fcntl call.

From the Ubuntu security team

It was discovered that named pipes did not correctly handle certain fcntl calls. A local attacker could exploit this to crash the system, leading to a denial of service.

Priority

Low

Status

Package Release Status
linux
Launchpad, Ubuntu, Debian 		Upstream
Released (2.6.37~rc4)
Patches:
Upstream: http://git.kernel.org/linus/71993e62a47dabddf10302807d6aa260455503f4
Upstream: http://git.kernel.org/linus/c66fb347946ebdd5b10908866ecc9fa05ee2cf3d
linux-ec2
Launchpad, Ubuntu, Debian 		Upstream
Released (2.6.37~rc4)
linux-fsl-imx51
Launchpad, Ubuntu, Debian 		Upstream
Released (2.6.37~rc4)
linux-lts-backport-maverick
Launchpad, Ubuntu, Debian 		Upstream
Released (2.6.37~rc4)
linux-lts-backport-natty
Launchpad, Ubuntu, Debian 		Upstream
Released (2.6.37~rc4)
linux-mvl-dove
Launchpad, Ubuntu, Debian 		Upstream
Released (2.6.37~rc4)
linux-source-2.6.15
Launchpad, Ubuntu, Debian 		Upstream
Released (2.6.37~rc4)
linux-ti-omap4
Launchpad, Ubuntu, Debian 		Upstream
Released (2.6.37~rc4)

Notes

AuthorNote
sbeattie 
http://openwall.com/lists/oss-security/2010/11/30/6 claims
it was introduced in 2.6.35-rc2
apw 
it was introduced by commit 35f3d14dbbc58447c61e38a162ea10add6b31dc7
"pipe: add support for shrinking and growing pipes"
which was introduced in v2.6.35-rc1

References

Join the discussion

Canonical is offering Extended Security Maintenance

Canonical is offering Ubuntu 14.04 Extended Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM

Further reading