CVE-2010-4165

Published: Nov 22, 2010Modified: Apr 29, 2026

4.9

Vector

AV:L/AC:L/Au:N/C:N/I:N/A:C

Exploitability: 3.9 / Impact: 6.9

Source: NVD

Description

The do_tcp_setsockopt function in net/ipv4/tcp.c in the Linux kernel before 2.6.37-rc2 does not properly restrict TCP_MAXSEG (aka MSS) values, which allows local users to cause a denial of service (OOPS) via a setsockopt call that specifies a small value, leading to a divide-by-zero error or incorrect use of a signed integer.

Affected (8)

Products: Linux: Linux Kernel · Opensuse: Opensuse · Suse: Linux Enterprise Desktop, Linux Enterprise Real Time Extension, Linux Enterprise Server

1 product

1 product

3 products

Linux Enterprise Desktop

Linux Enterprise Real Time Extension

Linux Enterprise Server

Configuration A

3 vulnerable

Vulnerable Software	Affected Versions
Linux Linux Kernel	Before 2.6.37
Linux Linux Kernel	Version 2.6.37
Linux Linux Kernel	Version 2.6.37 rc1

Configuration B

5 vulnerable

Vulnerable Software	Affected Versions
Opensuse Opensuse	Version 11.2
Opensuse Opensuse	Version 11.3
Suse Linux Enterprise Desktop	Version 11 sp1
Suse Linux Enterprise Real Time Extension	Version 11 sp1
Suse Linux Enterprise Server	Version 11 sp1

Related CWEs

CWE-369

Divide By Zero

The product divides a value by zero.

References (46)

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=7a1abd08d52fdeddb3e9a5a33f2f15cc6a5674d2

Source: secalert@redhat.com

http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00000.html

Source: secalert@redhat.com

Mailing ListThird Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00001.html

Source: secalert@redhat.com

Mailing ListThird Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00004.html

Source: secalert@redhat.com

Mailing ListThird Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html

Source: secalert@redhat.com

Mailing ListThird Party Advisory

http://secunia.com/advisories/42778

Source: secalert@redhat.com

Third Party Advisory

http://secunia.com/advisories/42801

Source: secalert@redhat.com

Third Party Advisory

http://secunia.com/advisories/42932

Source: secalert@redhat.com

Third Party Advisory

http://securityreason.com/securityalert/8111

Source: secalert@redhat.com

ExploitThird Party Advisory

http://securityreason.com/securityalert/8123

Source: secalert@redhat.com

ExploitThird Party Advisory

http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.37-rc2

Source: secalert@redhat.com

Broken Link

http://www.mandriva.com/security/advisories?name=MDVSA-2011:029

Source: secalert@redhat.com

Third Party Advisory

http://www.mandriva.com/security/advisories?name=MDVSA-2011:051

Source: secalert@redhat.com

Third Party Advisory

http://www.openwall.com/lists/oss-security/2010/11/12/1

Source: secalert@redhat.com

Mailing ListPatchThird Party Advisory

http://www.openwall.com/lists/oss-security/2010/11/12/4

Source: secalert@redhat.com

Mailing ListPatchThird Party Advisory

http://www.osvdb.org/69241

Source: secalert@redhat.com

Broken Link

http://www.securityfocus.com/bid/44830

Source: secalert@redhat.com

Third Party AdvisoryVDB Entry

http://www.spinics.net/lists/netdev/msg146405.html

Source: secalert@redhat.com

Mailing ListPatchThird Party Advisory

http://www.spinics.net/lists/netdev/msg146495.html

Source: secalert@redhat.com

Mailing ListPatchThird Party Advisory

http://www.vupen.com/english/advisories/2011/0012

Source: secalert@redhat.com

Third Party Advisory

http://www.vupen.com/english/advisories/2011/0124

Source: secalert@redhat.com

Third Party Advisory

http://www.vupen.com/english/advisories/2011/0298

Source: secalert@redhat.com

Third Party Advisory

https://bugzilla.redhat.com/show_bug.cgi?id=652508

Source: secalert@redhat.com

Issue TrackingPatchThird Party Advisory

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=7a1abd08d52fdeddb3e9a5a33f2f15cc6a5674d2