← Back

CVE-2010-4526

nvd nist
Published: Jan 11, 2011Modified: Apr 29, 2026

JSON object

Loading...
7.1
Vector
AV:N/AC:M/Au:N/C:N/I:N/A:C
Exploitability: 8.6 / Impact: 6.9
Source: NVD

Description

Race condition in the sctp_icmp_proto_unreachable function in net/sctp/input.c in Linux kernel 2.6.11-rc2 through 2.6.33 allows remote attackers to cause a denial of service (panic) via an ICMP unreachable message to a socket that is already locked by a user, which causes the socket to be freed and triggers list corruption, related to the sctp_wait_for_connect function.

Affected (8)

Linux
1 product
Linux Kernel
Redhat
1 product
Enterprise Mrg
Vmware
1 product
Esx
Configuration A
5 vulnerable
Vulnerable SoftwareAffected Versions
Linux
Linux Kernel
From 2.6.11.1 to 2.6.33
Linux Kernel
Version 2.6.11 rc2
Linux Kernel
Version 2.6.11 rc3
Linux Kernel
Version 2.6.11 rc4
Linux Kernel
Version 2.6.11 rc5
Configuration B
1 vulnerable
Vulnerable SoftwareAffected Versions
Enterprise Mrg
Version 1.0
Configuration C
2 vulnerable
Vulnerable SoftwareAffected Versions
Vmware
Esx
Version 4.0
Esx
Version 4.1

Related CWEs

CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
The product contains a code sequence that can run concurrently with other code, and the code sequence requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence that is operating concurrently.

References (24)

Source: secalert@redhat.com
Source: secalert@redhat.com
Broken Link
Source: secalert@redhat.com
Broken Link
Source: secalert@redhat.com
Mailing ListPatchThird Party Advisory
Source: secalert@redhat.com
Mailing ListPatchThird Party Advisory
Source: secalert@redhat.com
Broken Link
Source: secalert@redhat.com
Third Party AdvisoryVDB Entry
Source: secalert@redhat.com
Third Party AdvisoryVDB Entry
Source: secalert@redhat.com
Third Party Advisory
Source: secalert@redhat.com
Broken Link
Source: secalert@redhat.com
Issue TrackingPatchThird Party Advisory
Source: secalert@redhat.com
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListPatchThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListPatchThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
Source: af854a3a-2127-422b-91ae-364da2661108
Issue TrackingPatchThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry

Timeline

No history available yet.