CVE-2011-1093

Published: Jul 18, 2011Modified: Apr 29, 2026

7.8

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:C

Exploitability: 10.0 / Impact: 6.9

Source: NVD

Description

The dccp_rcv_state_process function in net/dccp/input.c in the Datagram Congestion Control Protocol (DCCP) implementation in the Linux kernel before 2.6.38 does not properly handle packets for a CLOSED endpoint, which allows remote attackers to cause a denial of service (NULL pointer dereference and OOPS) by sending a DCCP-Close packet followed by a DCCP-Reset packet.

Affected (6)

Products: Linux: Linux Kernel · Redhat: Enterprise Linux Aus, Enterprise Linux Desktop, Enterprise Linux Eus, Enterprise Linux Server, Enterprise Linux Workstation

1 product

5 products

Enterprise Linux Aus

Enterprise Linux Desktop

Enterprise Linux Eus

Enterprise Linux Server

Enterprise Linux Workstation

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Linux Linux Kernel	Before 2.6.38

Configuration B

5 vulnerable

Vulnerable Software	Affected Versions
Redhat Enterprise Linux Aus	Version 5.6
Redhat Enterprise Linux Desktop	Version 5.0
Redhat Enterprise Linux Eus	Version 5.6
Redhat Enterprise Linux Server	Version 5.0
Redhat Enterprise Linux Workstation	Version 5.0

Related CWEs

NULL Pointer Dereference

The product dereferences a pointer that it expects to be valid but is NULL.

References (16)

http://downloads.avaya.com/css/P8/documents/100145416

Source: secalert@redhat.com

Third Party Advisory

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=720dc34bbbe9493c7bd48b2243058b4e447a929d

Source: secalert@redhat.com

http://openwall.com/lists/oss-security/2011/03/08/19

Source: secalert@redhat.com

Mailing ListPatchThird Party Advisory

http://openwall.com/lists/oss-security/2011/03/08/4

Source: secalert@redhat.com

Mailing ListPatchThird Party Advisory

http://rhn.redhat.com/errata/RHSA-2011-0833.html

Source: secalert@redhat.com

Third Party Advisory

http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.38

Source: secalert@redhat.com

Broken Link

http://www.securityfocus.com/bid/46793

Source: secalert@redhat.com

Third Party AdvisoryVDB Entry

https://bugzilla.redhat.com/show_bug.cgi?id=682954

Source: secalert@redhat.com

Issue TrackingPatchThird Party Advisory

http://downloads.avaya.com/css/P8/documents/100145416

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=720dc34bbbe9493c7bd48b2243058b4e447a929d

Source: af854a3a-2127-422b-91ae-364da2661108

http://openwall.com/lists/oss-security/2011/03/08/19

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListPatchThird Party Advisory

http://openwall.com/lists/oss-security/2011/03/08/4

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListPatchThird Party Advisory

http://rhn.redhat.com/errata/RHSA-2011-0833.html

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.38

Source: af854a3a-2127-422b-91ae-364da2661108

Broken Link

http://www.securityfocus.com/bid/46793

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

https://bugzilla.redhat.com/show_bug.cgi?id=682954

Source: af854a3a-2127-422b-91ae-364da2661108

Issue TrackingPatchThird Party Advisory

Timeline

No history available yet.