Published: 25/01/2011 Updated: 13/02/2023

CVSS v2 Base Score: 2.1 | Impact Score: 2.9 | Exploitability Score: 3.9

VMScore: 188

Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P

The pipe_fcntl function in fs/pipe.c in the Linux kernel prior to 2.6.37 does not properly determine whether a file is a named pipe, which allows local users to cause a denial of service via an F_SETPIPE_SZ fcntl call.

Vulnerable Product	Search on Vulmon	Subscribe to Product
linux linux kernel

Multiple kernel flaws ...

Multiple kernel vulnerablilities ...

Multiple kernel flaws have been fixed ...

Ubuntu Security Notice 1202-1 - Dan Rosenberg discovered that several network ioctls did not clear kernel memory correctly A local user could exploit this to read kernel stack memory, leading to a loss of privacy Brad Spengler discovered that stack memory for new a process was not correctly calculated A local attacker could exploit this to crash ...

CWE-20 http://openwall.com/lists/oss-security/2010/11/30/9 http://openwall.com/lists/oss-security/2010/11/30/6 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.37 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=c66fb347946ebdd5b10908866ecc9fa05ee2cf3d https://nvd.nist.gov https://usn.ubuntu.com/1083-1/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2010-4256

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

Exploits

References

Vulmon Search

About

Products

Connect