Description
net/unix/af_unix.c in the Linux kernel 2.6.31.4 and earlier allows local users to cause a denial of service (system hang) by creating an abstract-namespace AF_UNIX listening socket, performing a shutdown operation on this socket, and then performing a series of connect operations to this socket.
CVSS breakdown
CVSS 3.1
- Attack Vector: Local
- Attack Complexity: Low
- Privileges Required: Low
- User Interaction: None
- Scope: Unchanged
- Confidentiality: None
- Integrity: None
- Availability: High
Affected products
- Canonical / Ubuntu Linux 8.10 – 8.10
- Canonical / Ubuntu Linux 6.06 – 6.06
- Canonical / Ubuntu Linux 8.04 – 8.04
- Canonical / Ubuntu Linux 9.04 – 9.04
- Canonical / Ubuntu Linux 9.10 – 9.10
- fedoraproject / fedora 10 – 10
- Linux / Linux kernel 2.6.31.4
- openSUSE / opensuse 11.0 – 11.0
- openSUSE / opensuse 11.2 – 11.2
- SUSE / suse_linux_enterprise_desktop 10 – 10
- SUSE / SUSE Linux Enterprise Server 10 – 10
- VMware / esx 4.0 – 4.0
- VMware / vma 4.0 – 4.0
References
- MAILING_LIST: http://www.openwall.com/lists/oss-security/2009/10/19/2
- MISC: https://bugzilla.redhat.com/show_bug.cgi?id=529626
- MISC: http://lkml.org/lkml/2009/10/19/50
- MISC: http://www.redhat.com/support/errata/RHSA-2009-1671.html
- MAILING_LIST: http://www.openwall.com/lists/oss-security/2009/10/19/4
- MISC: https://rhn.redhat.com/errata/RHSA-2009-1540.html
- MAILING_LIST: http://lists.opensuse.org/opensuse-security-announce/2009-12/msg00002.html
- VENDOR_ADVISORY: http://www.ubuntu.com/usn/usn-864-1
- VENDOR_ADVISORY: http://secunia.com/advisories/38794
- MAILING_LIST: http://lists.vmware.com/pipermail/security-announce/2010/000082.html
- MAILING_LIST: http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00000.html
- VENDOR_ADVISORY: http://www.mandriva.com/security/advisories?name=MDVSA-2009:329
- MAILING_LIST: http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00005.html
- MISC: http://git.kernel.org/?p=linux/kernel/git/davem/net-2.6.git%3Ba=commit%3Bh=77238f2b942b38ab4e7f3aced44084493e4a8675
- VENDOR_ADVISORY: http://secunia.com/advisories/37909
- MISC: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9921
- MISC: http://patchwork.kernel.org/patch/54678/
- MISC: http://www.redhat.com/support/errata/RHSA-2009-1670.html
- MAILING_LIST: http://lists.opensuse.org/opensuse-security-announce/2009-12/msg00005.html
- VENDOR_ADVISORY: http://secunia.com/advisories/38834
- MISC: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6895
- MAILING_LIST: http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00007.html
- VENDOR_ADVISORY: http://secunia.com/advisories/37086
- VENDOR_ADVISORY: http://secunia.com/advisories/38017
- MISC: https://www.redhat.com/archives/fedora-package-announce/2009-November/msg00190.html
- VENDOR_ADVISORY: http://www.vupen.com/english/advisories/2010/0528