CVE-2010-4251
published 2011-05-26CVE-2010-4251: The socket implementation in net/core/sock.c in the Linux kernel before 2.6.34 does not properly manage a backlog of received packets, which allows remote…
high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
The socket implementation in net/core/sock.c in the Linux kernel before 2.6.34 does not properly manage a backlog of received packets, which allows remote attackers to cause a denial of service (memory consumption) by sending a large amount of network traffic, as demonstrated by netperf UDP tests.
Affected
8 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| linux | linux_kernel | < 2.6.35 | 2.6.35 |
| linux | linux_kernel | < 2.6.34 | 2.6.34 |
| redhat | enterprise_linux | — | — |
| vmware | esx | — | — |
| vmware | esx | — | — |
| vmware | vmware_esxi | — | — |
| vmware | vmware_workstation | — | — |
| vmware | vsphere | — | — |