Back to search
CVE-2010-1188
Published: Mar 31, 2010
Modified: Aug 7, 2024
PUBLISHED
Description
Use-after-free vulnerability in net/ipv4/tcp_input.c in the Linux kernel 2.6 before 2.6.20, when IPV6_RECVPKTINFO is set on a listening socket, allows remote attackers to cause a denial of service (kernel panic) via a SYN packet while the socket is in a listening (TCP_LISTEN) state, which is not properly handled and causes the skb structure to be freed.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
1023992
vdb-entry
x_refsource_SECTRACK
RHSA-2010:0380
vendor-advisory
x_refsource_REDHAT
oval:org.mitre.oval:def:9878
vdb-entry
signature
x_refsource_OVAL
RHSA-2010:0394
vendor-advisory
x_refsource_REDHAT
http://support.avaya.com/css/P8/documents/100090459
x_refsource_CONFIRM
RHSA-2010:0882
vendor-advisory
x_refsource_REDHAT
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.20
x_refsource_CONFIRM
[oss-security] 20100329 CVE request: kernel: ipv6: skb is unexpectedly freed (remote DoS)
mailing-list
x_refsource_MLIST
39652
third-party-advisory
x_refsource_SECUNIA
http://www.vmware.com/security/advisories/VMSA-2011-0009.html
x_refsource_CONFIRM
http://git.kernel.org/linus/fb7e2399ec17f1004c0e0ccfd17439f8759ede01
x_refsource_CONFIRM
RHSA-2010:0439
vendor-advisory
x_refsource_REDHAT
39016
vdb-entry
x_refsource_BID
RHSA-2010:0424
vendor-advisory
x_refsource_REDHAT
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now