CVE-2010-4164

Published: Jan 3, 2011Modified: Apr 29, 2026

7.8

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:C

Exploitability: 10.0 / Impact: 6.9

Source: NVD

Description

Multiple integer underflows in the x25_parse_facilities function in net/x25/x25_facilities.c in the Linux kernel before 2.6.36.2 allow remote attackers to cause a denial of service (system crash) via malformed X.25 (1) X25_FAC_CLASS_A, (2) X25_FAC_CLASS_B, (3) X25_FAC_CLASS_C, or (4) X25_FAC_CLASS_D facility data, a different vulnerability than CVE-2010-3873.

Affected (11)

Products: Linux: Linux Kernel · Opensuse: Opensuse · Suse: Linux Enterprise Desktop, Linux Enterprise Real Time Extension, Linux Enterprise Server, Linux Enterprise Software Development Kit · +1 more

Show all products

Linux: Linux Kernel · Opensuse: Opensuse · Suse: Linux Enterprise Desktop, Linux Enterprise Real Time Extension, Linux Enterprise Server, Linux Enterprise Software Development Kit · Debian: Debian Linux

1 product

1 product

4 products

Linux Enterprise Desktop

Linux Enterprise Real Time Extension

Linux Enterprise Server

Linux Enterprise Software Development Kit

Debian

1 product

Debian Linux

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Linux Linux Kernel	Before 2.6.36.2

Configuration B

9 vulnerable

Vulnerable Software	Affected Versions
Opensuse Opensuse	Version 11.2
Opensuse Opensuse	Version 11.3
Suse Linux Enterprise Desktop	Version 10 sp3
Suse Linux Enterprise Desktop	Version 11 sp1
Suse Linux Enterprise Real Time Extension	Version 11 sp1
Suse Linux Enterprise Server	Version 10 sp3
Suse Linux Enterprise Server	Version 11 sp1
Suse Linux Enterprise Server	Version 9
Suse Linux Enterprise Software Development Kit	Version 10 sp3

Configuration C

1 vulnerable

Vulnerable Software	Affected Versions
Debian Debian Linux	Version 5.0

Related CWEs

CWE-191

Integer Underflow (Wrap or Wraparound)

The product subtracts one value from another, such that the result is less than the minimum allowable integer value, which produces a value that is not equal to the correct result.

References (46)

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=5ef41308f94dcbb3b7afc56cdef1c2ba53fa5d2f

Source: secalert@redhat.com

http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00004.html

Source: secalert@redhat.com

Mailing ListThird Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00000.html

Source: secalert@redhat.com

Mailing ListThird Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00001.html

Source: secalert@redhat.com

Mailing ListThird Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00004.html

Source: secalert@redhat.com

Mailing ListThird Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html

Source: secalert@redhat.com

Mailing ListThird Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00002.html

Source: secalert@redhat.com

Mailing ListThird Party Advisory

http://marc.info/?l=linux-netdev&m=128951543005554&w=2

Source: secalert@redhat.com

PatchThird Party Advisory

http://openwall.com/lists/oss-security/2010/11/11/2

Source: secalert@redhat.com

Mailing ListThird Party Advisory

http://openwall.com/lists/oss-security/2010/11/12/3

Source: secalert@redhat.com

Mailing ListThird Party Advisory

http://secunia.com/advisories/42778

Source: secalert@redhat.com

Third Party Advisory

http://secunia.com/advisories/42801

Source: secalert@redhat.com

Third Party Advisory

http://secunia.com/advisories/42932

Source: secalert@redhat.com

Third Party Advisory

http://secunia.com/advisories/43291

Source: secalert@redhat.com

Third Party Advisory

http://www.debian.org/security/2010/dsa-2126

Source: secalert@redhat.com

Third Party Advisory

http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.36.2

Source: secalert@redhat.com

Broken Link

http://www.mandriva.com/security/advisories?name=MDVSA-2011:029

Source: secalert@redhat.com

Third Party Advisory

http://www.securityfocus.com/bid/45055

Source: secalert@redhat.com

Third Party AdvisoryVDB Entry

http://www.vupen.com/english/advisories/2011/0012

Source: secalert@redhat.com

Third Party Advisory

http://www.vupen.com/english/advisories/2011/0124

Source: secalert@redhat.com

Third Party Advisory

http://www.vupen.com/english/advisories/2011/0298

Source: secalert@redhat.com

Third Party Advisory

http://www.vupen.com/english/advisories/2011/0375

Source: secalert@redhat.com

Third Party Advisory

https://bugzilla.redhat.com/show_bug.cgi?id=652517

Source: secalert@redhat.com

Issue TrackingPatchThird Party Advisory

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=5ef41308f94dcbb3b7afc56cdef1c2ba53fa5d2f