CVE-2010-4243
published 2011-01-22

Priority P421 · medium · 4.9 · CVSS 2.0
AV:L/AC:L/Au:N/C:N/I:N/A:C
EXPLOIT
EPSS: 0.91% (55.5th percentile)
fs/exec.c in the Linux kernel before 2.6.37 does not enable the OOM Killer to assess use of stack memory by arrays representing the (1) arguments and (2) environment, which allows local users to cause a denial of service (memory consumption) via a crafted exec system call, aka an "OOM dodging issue," a related issue to CVE-2010-3858.

Affected

4 ranges
Vendor   Product              Version range   Fixed in
linux    linux_kernel         < 2.6.37        2.6.37
vmware   vmware_esxi
vmware   vmware_workstation
vmware   vsphere

CVSS provenance

nvd             v2.0   4.9   MEDIUM   AV:L/AC:L/Au:N/C:N/I:N/A:C
vendor_ubuntu          6.9   MEDIUM
vendor_redhat          4.9   MEDIUM