Rapid7 Vulnerability & Exploit Database

USN-1093-1: Linux Kernel vulnerabilities (Marvell Dove)

Free InsightVM Trial No credit card necessary

Watch Demo See how it all works

Back to Search

USN-1093-1: Linux Kernel vulnerabilities (Marvell Dove)

Severity

CVSS

(AV:A/AC:L/Au:N/C:C/I:C/A:C)

Published

11/26/2010

Created

07/25/2018

Added

05/06/2013

Modified

05/15/2023

Description

The sctp_auth_asoc_get_hmac function in net/sctp/auth.c in the Linux kernel before 2.6.36 does not properly validate the hmac_ids array of an SCTP peer, which allows remote attackers to cause a denial of service (memory corruption and panic) via a crafted value in the last element of this array.

Solution(s)

ubuntu-upgrade-linux-image-2-6-32-216-dove
ubuntu-upgrade-linux-image-2-6-32-416-dove

References

https://attackerkb.com/topics/cve-2010-2478
41223
42527
42529
42885
42932
43022
43062
43098
43221
43226
43229
43368
43480
43551
43684
43787
43806
43809
43817
44067
44242
44301
44354
44427
44500
44549
44630
44648
44665
44666
44758
44762
44793
44830
44861
44921
45014
45028
45037
45054
45055
45058
45062
45063
45073
45262
45323
45629
45660
45661
45972
45986
46069
46073
46419
46488
46492
46512
46793
362983
CVE - 2010-2478
CVE - 2010-2942
CVE - 2010-2943
CVE - 2010-2954
CVE - 2010-2955
CVE - 2010-2960
CVE - 2010-2962
CVE - 2010-2963
CVE - 2010-3067
CVE - 2010-3078
CVE - 2010-3079
CVE - 2010-3080
CVE - 2010-3084
CVE - 2010-3296
CVE - 2010-3297
CVE - 2010-3298
CVE - 2010-3310
CVE - 2010-3432
CVE - 2010-3437
CVE - 2010-3442
CVE - 2010-3448
CVE - 2010-3477
CVE - 2010-3698
CVE - 2010-3705
CVE - 2010-3848
CVE - 2010-3849
CVE - 2010-3850
CVE - 2010-3858
CVE - 2010-3859
CVE - 2010-3861
CVE - 2010-3865
CVE - 2010-3873
CVE - 2010-3874
CVE - 2010-3875
CVE - 2010-3876
CVE - 2010-3877
CVE - 2010-3880
CVE - 2010-3881
CVE - 2010-3904
CVE - 2010-4072
CVE - 2010-4073
CVE - 2010-4075
CVE - 2010-4079
CVE - 2010-4080
CVE - 2010-4081
CVE - 2010-4082
CVE - 2010-4083
CVE - 2010-4157
CVE - 2010-4158
CVE - 2010-4160
CVE - 2010-4162
CVE - 2010-4163
CVE - 2010-4164
CVE - 2010-4165
CVE - 2010-4169
CVE - 2010-4175
CVE - 2010-4242
CVE - 2010-4248
CVE - 2010-4249
CVE - 2010-4258
CVE - 2010-4343
CVE - 2010-4346
CVE - 2010-4526
CVE - 2010-4527
CVE - 2010-4648
CVE - 2010-4649
CVE - 2010-4650
CVE - 2010-4655
CVE - 2010-4656
CVE - 2010-4668
CVE - 2011-0006
CVE - 2011-0521
CVE - 2011-0712
CVE - 2011-1010
CVE - 2011-1012
CVE - 2011-1044
CVE - 2011-1082
CVE - 2011-1093
DSA-2126
Category I
V0030545
V0031252
2011-A-0147
2012-A-0020
68163
69241
RHSA-2010:0723
RHSA-2010:0758
RHSA-2010:0771
RHSA-2010:0779
RHSA-2010:0792
RHSA-2010:0839
RHSA-2010:0842
RHSA-2010:0898
RHSA-2010:0936
RHSA-2010:0958
RHSA-2010:0998
RHSA-2011:0004
RHSA-2011:0007
RHSA-2011:0017
RHSA-2011:0162
RHSA-2011:0163
RHSA-2011:0833
RHSA-2011:0927
SUSE-SA:2010:040
SUSE-SA:2010:041
SUSE-SA:2010:050
SUSE-SA:2010:051
SUSE-SA:2010:052
SUSE-SA:2010:053
SUSE-SA:2010:054
SUSE-SA:2010:057
SUSE-SA:2010:060
SUSE-SA:2011:001
SUSE-SA:2011:002
SUSE-SA:2011:004
SUSE-SA:2011:005
SUSE-SA:2011:007
SUSE-SA:2011:008
USN-1093-1
61522
61557
61884
61953
62881
63316
64496
64578
64580
64616
64617
64618
64988
65461
65563
65643

Advanced vulnerability management analytics and reporting.

Key Features

Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;