Vulnerability Details : CVE-2010-0410
drivers/connector/connector.c in the Linux kernel before 2.6.32.8 allows local users to cause a denial of service (memory consumption and system crash) by sending the kernel many NETLINK_CONNECTOR messages.
Vulnerability category: Denial of service
Products affected by CVE-2010-0410
- cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:8.10:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:9.04:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*
Threat overview for CVE-2010-0410
Top countries where our scanners detected CVE-2010-0410
Top open port discovered on systems with this issue
53
IPs affected by CVE-2010-0410 1,144
Threat actors abusing to this issue?
Yes
Find out if you* are
affected by CVE-2010-0410!
*Directly or indirectly through your vendors, service providers and 3rd parties.
Powered by
attack surface intelligence
from SecurityScorecard.
Exploit prediction scoring system (EPSS) score for CVE-2010-0410
0.08%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 21 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2010-0410
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
4.9
|
MEDIUM | AV:L/AC:L/Au:N/C:N/I:N/A:C |
3.9
|
6.9
|
NIST |
CWE ids for CVE-2010-0410
-
Assigned by: nvd@nist.gov (Primary)
Vendor statements for CVE-2010-0410
-
Red Hat 2010-03-12Red Hat is aware of this issue and is tracking it via the following bug: https://bugzilla.redhat.com/CVE-2010-0410. This issue did not affect the versions of Linux kernel as shipped with Red Hat Enterprise Linux 3 and 4, as they do not include support for kernel connectors. Future updates in Red Hat Enterprise Linux 5 and Red Hat Enterprise MRG may address this flaw.
References for CVE-2010-0410
-
http://www.mandriva.com/security/advisories?name=MDVSA-2010:088
mandriva.comThird Party Advisory
-
https://bugzilla.redhat.com/show_bug.cgi?id=561682
561682 – (CVE-2010-0410) CVE-2010-0410 kernel: OOM/crash in drivers/connectorIssue Tracking;Third Party Advisory
-
http://www.ubuntu.com/usn/USN-914-1
USN-914-1: Linux kernel vulnerabilities | Ubuntu security noticesThird Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00007.html
[security-announce] SUSE Security Announcement: Linux kernel (SUSE-SA:20Mailing List;Third Party Advisory
-
http://www.redhat.com/support/errata/RHSA-2010-0398.html
SupportThird Party Advisory
-
http://www.novell.com/linux/security/advisories/2010_23_kernel.html
404 Page Not Found | SUSEThird Party Advisory
-
http://secunia.com/advisories/39033
Sign inThird Party Advisory
-
http://www.securityfocus.com/bid/38058
Linux Kernel 'drivers/connector/connector.c' Local Denial of Service VulnerabilityThird Party Advisory;VDB Entry
-
http://secunia.com/advisories/43315
Sign inThird Party Advisory
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10903
Repository / Oval RepositoryThird Party Advisory
-
http://support.avaya.com/css/P8/documents/100088287
ASA-2010-144 (RHSA-2010-0398)Third Party Advisory
-
http://secunia.com/advisories/39649
Sign inThird Party Advisory
-
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.32.8
404: File not foundPatch;Vendor Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00000.html
[security-announce] SUSE Security Announcement: Linux kernel (SUSE-SA:20Mailing List;Third Party Advisory
-
http://www.debian.org/security/2010/dsa-1996
Debian -- Security Information -- DSA-1996-1 linux-2.6Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00006.html
[security-announce] SUSE Security Announcement: Linux kernel (SUSE-SA:20Mailing List;Third Party Advisory
-
http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035159.html
[SECURITY] Fedora 12 Update: kernel-2.6.31.12-174.2.19.fc12Mailing List;Third Party Advisory
-
http://www.vupen.com/english/advisories/2010/0638
Webmail | OVH- OVHThird Party Advisory
-
http://www.vmware.com/security/advisories/VMSA-2011-0003.html
VMSA-2011-0003.2Third Party Advisory
-
http://secunia.com/advisories/39742
Sign inThird Party Advisory
-
http://www.openwall.com/lists/oss-security/2010/02/03/3
oss-security - Re: CVE request: kernel OOM/crash in drivers/connectorMailing List;Third Party Advisory
-
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=f98bfbd78c37c5946cc53089da32a5f741efdeb7
-
http://secunia.com/advisories/38779
Sign inThird Party Advisory
-
http://www.securityfocus.com/archive/1/516397/100/0/threaded
SecurityFocusThird Party Advisory;VDB Entry
-
http://secunia.com/advisories/38922
Sign inThird Party Advisory
-
http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035070.html
[SECURITY] Fedora 11 Update: kernel-2.6.30.10-105.2.23.fc11Mailing List;Third Party Advisory
-
http://secunia.com/advisories/38492
Sign inThird Party Advisory
-
http://www.debian.org/security/2010/dsa-2005
Debian -- Security Information -- DSA-2005-1 linux-2.6.24Third Party Advisory
-
http://www.redhat.com/support/errata/RHSA-2010-0161.html
SupportThird Party Advisory
-
http://secunia.com/advisories/38557
Sign inThird Party Advisory
-
http://www.openwall.com/lists/oss-security/2010/02/03/1
oss-security - CVE request: kernel OOM/crash in drivers/connectorMailing List;Third Party Advisory
Jump to