Bobcares

Linux kernel vulnerability CVE-2010-4249

by | Dec 4, 2010

A vulnerability in Linux kernels prior to 2.6.37-rc3-next-20101125 allows a local user to cause a denial of service on your server. This is a good time to cross-check the level of access you’ve granted to the users on your server. If you’ve recently been experiencing high loads and server crashes with no apparent network activity, you could be one of the very few victims of this attack.

The wait_for_unix_gc function in net/unix/garbage.c in the Linux kernel before 2.6.37-rc3-next-20101125 does not properly select times for garbage collection of inflight sockets, which allows local users to cause a denial of service (system hang) via crafted use of the socketpair and sendmsg system calls for SOCK_SEQPACKET sockets.

-CVE-2010-4249

For more details about this vulnerability you can refer to this link. If you would like to apply the patch yourself, it is available here. According to David Miller, the patch should be applied to all stable releases by now. So if you’ve enabled automated updates, your kernels should already be patched.
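To confirm a given server rather than rely on automated updates having run, the sketch below triages a kernel release string and searches a package changelog for the CVE. It is an added example, not part of the original post or the kernel patch; the function names and the sample changelog are constructed. It assumes that 2.6.37 final and later carry the fix, and that older distribution kernels are safe only if the vendor backported it.

```sh
#!/bin/sh
# Added example: triage a kernel release string for CVE-2010-4249.
CVE_ID="CVE-2010-4249"

# classify_kernel RELEASE prints one of:
#   fixed-upstream   2.6.37 final or newer (assumed to carry the fix)
#   verify-rc        a 2.6.37 release candidate, may predate the fix
#   verify-backport  older base; safe only if the vendor backported the patch
#   unknown          no leading version number found
classify_kernel() {
    rel=$1
    # Keep only the leading dotted number: "2.6.32-71.el6" -> "2.6.32"
    base=$(printf '%s' "$rel" | sed 's/[^0-9.].*$//')
    [ -n "$base" ] || { echo unknown; return 0; }
    old_ifs=$IFS; IFS=.
    set -- $base
    IFS=$old_ifs
    # Collapse major.minor.patch into one integer for numeric comparison.
    num=$(( ${1:-0} * 1000000 + ${2:-0} * 1000 + ${3:-0} ))
    fixed=$(( 2 * 1000000 + 6 * 1000 + 37 ))
    if [ "$num" -gt "$fixed" ]; then
        echo fixed-upstream
    elif [ "$num" -lt "$fixed" ]; then
        echo verify-backport
    else
        case $rel in
            *-rc*) echo verify-rc ;;
            *)     echo fixed-upstream ;;
        esac
    fi
}

# changelog_mentions_fix reads a package changelog on stdin and succeeds
# if it names the CVE. Typical sources:
#   rpm -q --changelog "kernel-$(uname -r)"
#   zcat "/usr/share/doc/linux-image-$(uname -r)/changelog.Debian.gz"
changelog_mentions_fix() {
    grep -q "$CVE_ID"
}

# Constructed sample changelog entry, not taken from any real package.
SAMPLE_CHANGELOG='* Sat Jan 01 2011 Example Builder <builder@example.invalid>
- [net] unix: fix garbage collection hang (CVE-2010-4249)'

echo "running kernel $(uname -r): $(classify_kernel "$(uname -r)")"
```

A `verify-backport` or `verify-rc` result means the version number alone cannot settle the question; pipe the package changelog into `changelog_mentions_fix` to check for the backport.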


About the Author:

Hamish joined Bobcares in July of 2004, and since then has grown to be well versed in the Control Panels and Operating systems used in the Web Hosting industry today. He is highly passionate about Linux and is a great evangelist of open-source. When not at work, he keeps himself busy populating this blog with both technical and non-technical posts. When he is not on his Xbox, he is an avid movie lover and critic.

