CVE-2010-4342 - OpenCVE

The aun_incoming function in net/econet/af_econet.c in the Linux kernel before 2.6.37-rc6, when Econet is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and OOPS) by sending an Acorn Universal Networking (AUN) packet over UDP.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Complete

AV:N/AC:M/Au:N/C:N/I:N/A:C

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Linux	Linux Kernel
Suse	Linux Enterprise Server

Configuration 1 [-]

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel:2.6.37:-::::::
	cpe:2.3:o:linux:linux_kernel:2.6.37:rc1::::::
	cpe:2.3:o:linux:linux_kernel:2.6.37:rc2::::::
	cpe:2.3:o:linux:linux_kernel:2.6.37:rc3::::::
	cpe:2.3:o:linux:linux_kernel:2.6.37:rc4::::::
	cpe:2.3:o:linux:linux_kernel:2.6.37:rc5::::::

Configuration 2 [-]

cpe:2.3:o:suse:linux_enterprise_server:9:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4e085e76cbe558b79b54cbab772f61185879bc64
http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00002.html
http://marc.info/?l=linux-netdev&m=129185496013580&w=2
http://marc.info/?l=linux-netdev&m=129186011218615&w=2
http://openwall.com/lists/oss-security/2010/12/09/1
http://openwall.com/lists/oss-security/2010/12/09/2
http://secunia.com/advisories/43291
http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.37-rc6
http://www.securityfocus.com/bid/45321
http://www.vupen.com/english/advisories/2011/0375

History

No history.

MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2010-12-30T18:00:00

Updated: 2024-08-07T03:43:14.728Z

Reserved: 2010-11-30T00:00:00

Link: CVE-2010-4342

Vulnrichment

No data.

NVD

Status : Modified

Published: 2010-12-30T19:00:04.567

Modified: 2023-02-13T04:28:34.340

Link: CVE-2010-4342

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2010-12-08T00:00:00", "descriptions": [{"lang": "en", "value": "The aun_incoming function in net/econet/af_econet.c in the Linux kernel before 2.6.37-rc6, when Econet is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and OOPS) by sending an Acorn Universal Networking (AUN) packet over UDP."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2011-02-04T10:00:00", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"name": "[oss-security] 20101209 Re: CVE request: kernel: NULL pointer dereference in AF_ECONET", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://openwall.com/lists/oss-security/2010/12/09/2"}, {"name": "45321", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/45321"}, {"name": "[netdev] 20101209 NULL dereference in econet AUN-over-UDP receive", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://marc.info/?l=linux-netdev&m=129185496013580&w=2"}, {"name": "[oss-security] 20101208 CVE request: kernel: NULL pointer dereference in AF_ECONET", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://openwall.com/lists/oss-security/2010/12/09/1"}, {"name": "ADV-2011-0375", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2011/0375"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.37-rc6"}, {"name": "SUSE-SA:2011:008", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00002.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4e085e76cbe558b79b54cbab772f61185879bc64"}, {"name": "43291", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/43291"}, {"name": "[netdev] 20101209 Re: NULL dereference in econet AUN-over-UDP receive", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://marc.info/?l=linux-netdev&m=129186011218615&w=2"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T03:43:14.728Z"}, "title": "CVE Program Container", "references": [{"name": "[oss-security] 20101209 Re: CVE request: kernel: NULL pointer dereference in AF_ECONET", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://openwall.com/lists/oss-security/2010/12/09/2"}, {"name": "45321", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/45321"}, {"name": "[netdev] 20101209 NULL dereference in econet AUN-over-UDP receive", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://marc.info/?l=linux-netdev&m=129185496013580&w=2"}, {"name": "[oss-security] 20101208 CVE request: kernel: NULL pointer dereference in AF_ECONET", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://openwall.com/lists/oss-security/2010/12/09/1"}, {"name": "ADV-2011-0375", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2011/0375"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.37-rc6"}, {"name": "SUSE-SA:2011:008", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00002.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4e085e76cbe558b79b54cbab772f61185879bc64"}, {"name": "43291", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/43291"}, {"name": "[netdev] 20101209 Re: NULL dereference in econet AUN-over-UDP receive", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://marc.info/?l=linux-netdev&m=129186011218615&w=2"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2010-4342", "datePublished": "2010-12-30T18:00:00", "dateReserved": "2010-11-30T00:00:00", "dateUpdated": "2024-08-07T03:43:14.728Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "76630B45-B590-4651-972E-F938A83010C0", "versionEndExcluding": "2.6.37", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.37:-:*:*:*:*:*:*", "matchCriteriaId": "79F8D440-02E8-4BF7-8F56-31E4F349166B", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.37:rc1:*:*:*:*:*:*", "matchCriteriaId": "2EA6C6E6-CAD5-4D43-AD96-66D5ACBB91CE", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.37:rc2:*:*:*:*:*:*", "matchCriteriaId": "71905CF7-7C7B-43AC-970D-D3187A807903", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.37:rc3:*:*:*:*:*:*", "matchCriteriaId": "201421C9-E054-4FEB-A37A-8C314F242FBC", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.37:rc4:*:*:*:*:*:*", "matchCriteriaId": "F157225D-C62C-465D-A758-DE6A6C48C397", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.37:rc5:*:*:*:*:*:*", "matchCriteriaId": "77BB49A9-39D0-49C4-A241-D1537590F508", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:suse:linux_enterprise_server:9:*:*:*:*:*:*:*", "matchCriteriaId": "4CD2D897-E321-4CED-92E0-11A98B52053C", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The aun_incoming function in net/econet/af_econet.c in the Linux kernel before 2.6.37-rc6, when Econet is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and OOPS) by sending an Acorn Universal Networking (AUN) packet over UDP."}, {"lang": "es", "value": "La funci\u00f3n aun_incoming en net/econet/af_econet.c en el kernel de Linux anterior a v2.6.37-rc6, cuando Econet est\u00e1 activado, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (desreferencia a un puntero NULL y OOPS) mediante el env\u00edo de un paquete Acorn Universal Networking (AUN)sobre UDP."}], "id": "CVE-2010-4342", "lastModified": "2023-02-13T04:28:34.340", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.1, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2010-12-30T19:00:04.567", "references": [{"source": "secalert@redhat.com", "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4e085e76cbe558b79b54cbab772f61185879bc64"}, {"source": "secalert@redhat.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00002.html"}, {"source": "secalert@redhat.com", "tags": ["Exploit", "Third Party Advisory"], "url": "http://marc.info/?l=linux-netdev&m=129185496013580&w=2"}, {"source": "secalert@redhat.com", "tags": ["Exploit", "Patch", "Third Party Advisory"], "url": "http://marc.info/?l=linux-netdev&m=129186011218615&w=2"}, {"source": "secalert@redhat.com", "tags": ["Exploit", "Mailing List", "Third Party Advisory"], "url": "http://openwall.com/lists/oss-security/2010/12/09/1"}, {"source": "secalert@redhat.com", "tags": ["Exploit", "Mailing List", "Patch", "Third Party Advisory"], "url": "http://openwall.com/lists/oss-security/2010/12/09/2"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/43291"}, {"source": "secalert@redhat.com", "tags": ["Broken Link"], "url": "http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.37-rc6"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/45321"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "http://www.vupen.com/english/advisories/2011/0375"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-476"}], "source": "nvd@nist.gov", "type": "Primary"}]}