CVE-2010-4169 — Use After Free in Kernel

CWE-416 — Use After Free12 documents6 sources

Severity

4.9MEDIUMNVD

EPSS

0.0%

top 85.08%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Kernel Fedoraproject Fedora Opensuse +3 more

Timeline

PublishedNov 22

Latest updateMay 13

Description

Use-after-free vulnerability in mm/mprotect.c in the Linux kernel before 2.6.37-rc2 allows local users to cause a denial of service via vectors involving an mprotect system call.

CVSS vector

AV:L/AC:L/C:N/I:N/A:CExploitability: 3.9 | Impact: 6.9

Affected Packages5 packages

▶NVDlinux/linux_kernel< 2.6.37+1

▶NVDsuse/linux_enterprise_server11

▶NVDsuse/linux_enterprise_desktop11

▶NVDsuse/linux_enterprise_real_time_extension11

▶NVDopensuse/opensuse11.3

Also affects: Fedora 13

Patches

Patch: marc.info ↗Patch: marc.info ↗Patch: bugzilla.redhat.com ↗

🔴Vulnerability Details

GHSA

GHSA-cx34-9hmm-493f: Use-after-free vulnerability in mm/mprotect↗2022-05-13

▶

CVEList

CVE-2010-4169: Use-after-free vulnerability in mm/mprotect↗2010-11-20

▶

📋Vendor Advisories

Ubuntu

Linux kernel (OMAP4) vulnerabilities↗2011-09-13

▶

Ubuntu

Linux Kernel vulnerabilities (Marvell Dove)↗2011-03-25

▶

Ubuntu

Linux kernel vulnerabilities↗2011-03-03

▶

Ubuntu

Linux kernel vulnerabilities↗2011-02-28

▶

Ubuntu

Linux kernel vulnerabilities↗2011-02-25

▶

💬Community

Bugzilla

CVE-2010-4169 kernel: perf bug↗2010-11-10

▶