VDB
CVE-2010-0437
CVE-2010-0437
PUBLISHED
CVSS 7.800000190734863 HIGH
The ip6_dst_lookup_tail function in net/ipv6/ip6_output.c in the Linux kernel before 2.6.27 does not properly handle certain circumstances involving an IPv6 TUN network interface and a large number of neighbors, which allows attackers to cause a denial of service (NULL pointer dereference and OOPS) or possibly have unspecified other impact via unknown vectors.
EPSS 4.98% · 89.9th percentile
Risk Scores
CVSS 2.0
7.800000190734863
EPSS Score
4.98%
89.9th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| linux | linux_kernel | 2.6.14, 2.6.1, 0 |
| n/a | n/a | n/a |
Exploit Intelligence
- http://bugzilla.kernel.org/show_bug.cgi?id=11469 (nist-nvd)
- CIRCL confirmed: CVE-2010-0437 (circl-sighting)
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=e550dfb0c2c31b6363aa463a035fc9f8dcaa3c9b (circl)
- 20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX (circl)
- 43315 (circl)
- https://bugzilla.redhat.com/show_bug.cgi?id=563781 (circl)
- http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27 (circl)
- 39033 (circl)
- [oss-security] 20100304 Re: CVE request - kernel: ip6_dst_lookup_tail() NULL pointer dereference (circl)
- http://www.vmware.com/security/advisories/VMSA-2011-0003.html (circl)
…and 12 more exploits
Timeline
- Jul 31, 2008 PoC Published
- Jul 31, 2008 PoC Published
- Mar 24, 2010 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Apr 2, 2023 EPSS Score
- May 25, 2023 EPSS Score
References
- RHSA-2010:0147 vendor-advisory
- http://bugzilla.kernel.org/show_bug.cgi?id=11469 url
- oval:org.mitre.oval:def:10061 vdb
- [oss-security] 20100211 CVE request - kernel: ip6_dst_lookup_tail() NULL pointer dereference mailing-list
- 43315 third-party-advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=563781 url
- http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27 url
- 39033 third-party-advisory
- [oss-security] 20100304 Re: CVE request - kernel: ip6_dst_lookup_tail() NULL pointer dereference mailing-list
- http://www.vmware.com/security/advisories/VMSA-2011-0003.html url
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=e550dfb0c2c31b6363aa463a035fc9f8dcaa3c9b url
- 20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX mailing-list
- RHSA-2010:0161 vendor-advisory
- https://nvd.nist.gov/vuln/detail/CVE-2010-0437 advisory
- https://access.redhat.com/errata/RHSA-2010:0147 url
- https://access.redhat.com/errata/RHSA-2010:0148 url
- https://access.redhat.com/errata/RHSA-2010:0149 url
- https://access.redhat.com/errata/RHSA-2010:0161 url
- https://access.redhat.com/security/cve/CVE-2010-0437 url
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=e550dfb0c2c31b6363aa463a035fc9f8dcaa3c9b url