Linux kernel vulnerability CVE-2010-4249

A vulnerability in Linux kernels prior to 2.6.37-rc3-next-20101125 allows a local user to cause a denial of service on your server. This is a good time to cross-check the level of access you’ve granted to the users on your server. If you’ve recently been experiencing high loads and server crashes with no apparent network activity, you could be one of the very few victims of this attack.

The wait_for_unix_gc function in net/unix/garbage.c in the Linux kernel before 2.6.37-rc3-next-20101125 does not properly select times for garbage collection of inflight sockets, which allows local users to cause a denial of service (system hang) via crafted use of the socketpair and sendmsg system calls for SOCK_SEQPACKET sockets.


For more details about this vulnerability you can refer to this link. If you would like to apply the patch yourself, it is available here. According to David Miller, the patch should be applied to all stable releases by now. So if you’ve enabled automated updates, your kernels should already be patched.
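
A triage aid for the symptom described above, added here as an example (it is not from the original post or the kernel project): it tallies AF_UNIX sockets by type from `/proc/net/unix`, so growth in unnamed SOCK_SEQPACKET sockets, the kind socketpair creates, can be checked when load is high with no network activity. It assumes sockets held in flight remain listed in that file; the sample rows and the threshold of 1000 are constructed.

```python
from collections import Counter

# Type column values in /proc/net/unix (hex), per <sys/socket.h> on Linux.
SOCK_TYPES = {1: "SOCK_STREAM", 2: "SOCK_DGRAM", 5: "SOCK_SEQPACKET"}

# Constructed sample in /proc/net/unix layout (not captured from a real host).
SAMPLE = """\
Num       RefCount Protocol Flags    Type St Inode Path
ffff88003a1c0000: 00000002 00000000 00010000 0001 01 11001 /var/run/dbus/system_bus_socket
ffff88003a1c0400: 00000002 00000000 00000000 0002 01 11002 /dev/log
ffff88003a1c0800: 00000003 00000000 00000000 0005 03 11003
ffff88003a1c0c00: 00000003 00000000 00000000 0005 03 11004
ffff88003a1c1000: 00000003 00000000 00000000 0005 03 11005
"""

def count_unix_sockets(text):
    """Return a Counter keyed by (type name, 'named' or 'unnamed')."""
    counts = Counter()
    for line in text.splitlines():
        fields = line.split()
        # Skip the header and anything that is not a socket row.
        if len(fields) < 7 or not fields[0].endswith(":"):
            continue
        try:
            sock_type = int(fields[4], 16)
        except ValueError:
            continue
        name = SOCK_TYPES.get(sock_type, "type_%d" % sock_type)
        # socketpair() sockets have no Path column (8th field absent).
        bound = "named" if len(fields) > 7 else "unnamed"
        counts[(name, bound)] += 1
    return counts

def unnamed_seqpacket_over(counts, threshold):
    """True when unnamed SOCK_SEQPACKET sockets exceed the chosen threshold."""
    return counts[("SOCK_SEQPACKET", "unnamed")] > threshold

if __name__ == "__main__":
    try:
        with open("/proc/net/unix") as fh:
            text = fh.read()
    except OSError:
        text = SAMPLE  # fall back to the constructed sample off-Linux
    counts = count_unix_sockets(text)
    for key, n in sorted(counts.items()):
        print("%-16s %-8s %d" % (key[0], key[1], n))
    # Threshold of 1000 is an assumed starting point; tune per host.
    print("alert:", unnamed_seqpacket_over(counts, 1000))
```

A high count is only a prompt to look further; confirming that the kernel carries the fix remains the actual remedy.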

About the Author:

Hamish joined Bobcares in July of 2004, and since then has grown to be well versed in the control panels and operating systems used in the web hosting industry today. He is highly passionate about Linux and is a great evangelist of open source. When not at work, he keeps himself busy populating this blog with both technical and non-technical posts. When he is not on his Xbox, he is an avid movie lover and critic.
