CVE-2010-4342

Published: 30 December 2010

The aun_incoming function in net/econet/af_econet.c in the Linux kernel before 2.6.37-rc6, when Econet is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and OOPS) by sending an Acorn Universal Networking (AUN) packet over UDP.

From the Ubuntu security team

Nelson Elhage discovered that Econet did not correctly handle AUN packets over UDP. A local attacker could send specially crafted traffic to crash the system, leading to a denial of service.

Priority

Medium

Status

Package Release Status
linux
Launchpad, Ubuntu, Debian
Upstream
Released (2.6.37~rc6)
Patches:
Upstream: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=4e085e76cbe558b79b54cbab772f61185879bc64
linux-ec2
Launchpad, Ubuntu, Debian
Upstream
Released (2.6.37~rc6)
linux-fsl-imx51
Launchpad, Ubuntu, Debian
Upstream
Released (2.6.37~rc6)
linux-lts-backport-maverick
Launchpad, Ubuntu, Debian
Upstream
Released (2.6.37~rc6)
linux-lts-backport-natty
Launchpad, Ubuntu, Debian
Upstream
Released (2.6.37~rc6)
linux-mvl-dove
Launchpad, Ubuntu, Debian
Upstream
Released (2.6.37~rc6)
linux-source-2.6.15
Launchpad, Ubuntu, Debian
Upstream
Released (2.6.37~rc6)
linux-ti-omap4
Launchpad, Ubuntu, Debian
Upstream
Released (2.6.37~rc6)