CVE-2010-4342 — Vulnetix

CVE-2010-4342 PUBLISHED CVSS 8.699999809265137 HIGH

The aun_incoming function in net/econet/af_econet.c in the Linux kernel before 2.6.37-rc6, when Econet is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and OOPS) by sending an Acorn Universal Networking (AUN) packet over UDP.

EPSS 1.69% · 82.6th percentile

Risk Scores

CVSS 4.0

8.699999809265137

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

EPSS Score

1.69%

82.6th percentile

Affected Products

Vendor	Product	Versions
linux	linux_kernel	2.6.37, 0, 2.6.37
suse	linux_enterprise_server	9
n/a	n/a	*

Exploit Intelligence

Timeline

Dec 30, 2010 CVE Published
Feb 4, 2022 EPSS Score
Mar 29, 2022 EPSS Score
May 20, 2022 EPSS Score
Jul 12, 2022 EPSS Score
Oct 26, 2022 EPSS Score
Dec 18, 2022 EPSS Score
Feb 9, 2023 EPSS Score
Mar 7, 2023 EPSS Score
Apr 2, 2023 EPSS Score
May 25, 2023 EPSS Score
Jul 17, 2023 EPSS Score

References

[oss-security] 20101209 Re: CVE request: kernel: NULL pointer dereference in AF_ECONET mailing-list
45321 vdb
[netdev] 20101209 NULL dereference in econet AUN-over-UDP receive mailing-list
[oss-security] 20101208 CVE request: kernel: NULL pointer dereference in AF_ECONET mailing-list
ADV-2011-0375 vdb
http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.37-rc6 url
SUSE-SA:2011:008 vendor-advisory
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4e085e76cbe558b79b54cbab772f61185879bc64 url
43291 third-party-advisory
[netdev] 20101209 Re: NULL dereference in econet AUN-over-UDP receive mailing-list
https://nvd.nist.gov/vuln/detail/CVE-2010-4342 advisory
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=4e085e76cbe558b79b54cbab772f61185879bc64 url

Open in Interactive Console →