CVE-2010-4342 — Vulnetix

Try Vulnetix Request Demo

CVE-2010-4342 PUBLISHED CVSS 8.699999809265137 HIGH

The aun_incoming function in net/econet/af_econet.c in the Linux kernel before 2.6.37-rc6, when Econet is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and OOPS) by sending an Acorn Universal Networking (AUN) packet over UDP.

EPSS 1.69% · 82.1th percentile

Risk Scores

CVSS v4.0

8.699999809265137

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

EPSS Score

1.69%

82.1th percentile

Affected Products

Vendor	Product	Versions
linux	linux_kernel	2.6.37, 0, 2.6.37
suse	linux_enterprise_server	9
n/a	n/a	n/a

Timeline

Dec 30, 2010 CVE Published
Feb 4, 2022 EPSS Score
Mar 28, 2022 EPSS Score
May 19, 2022 EPSS Score
Jul 10, 2022 EPSS Score
Oct 23, 2022 EPSS Score
Dec 14, 2022 EPSS Score
Feb 4, 2023 EPSS Score
Mar 7, 2023 EPSS Score
Mar 28, 2023 EPSS Score
May 19, 2023 EPSS Score
Jul 10, 2023 EPSS Score

References

[oss-security] 20101209 Re: CVE request: kernel: NULL pointer dereference in AF_ECONET mailing-list
45321 vdb
[netdev] 20101209 NULL dereference in econet AUN-over-UDP receive mailing-list
[oss-security] 20101208 CVE request: kernel: NULL pointer dereference in AF_ECONET mailing-list
ADV-2011-0375 vdb
http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.37-rc6 url
SUSE-SA:2011:008 vendor-advisory
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4e085e76cbe558b79b54cbab772f61185879bc64 url
43291 third-party-advisory
[netdev] 20101209 Re: NULL dereference in econet AUN-over-UDP receive mailing-list
https://nvd.nist.gov/vuln/detail/CVE-2010-4342 advisory
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=4e085e76cbe558b79b54cbab772f61185879bc64 url

Open in Interactive Console →