Unrated severityNVD Advisory· Published Sep 8, 2010· Updated Apr 29, 2026

CVE-2010-2959

Description

Integer overflow in net/can/bcm.c in the Controller Area Network (CAN) implementation in the Linux kernel before 2.6.27.53, 2.6.32.x before 2.6.32.21, 2.6.34.x before 2.6.34.6, and 2.6.35.x before 2.6.35.4 allows attackers to execute arbitrary code or cause a denial of service (system crash) via crafted CAN traffic.

Affected products

SUSE S.A./Linux Enterprise Server
cpe:2.3:o:suse:linux_enterprise_server:11:sp1:*:*:*:*:*:*
Linux/Kernel
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Range: <2.6.27.53
Fedoraproject/Fedora
cpe:2.3:o:fedoraproject:fedora:12:*:*:*:*:*:*:*
Debian/Debian Linux
cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*
OpenSUSE/openSUSE
cpe:2.3:o:opensuse:opensuse:11.3:*:*:*:*:*:*:*
SUSE S.A./Linux Enterprise Desktop
cpe:2.3:o:suse:linux_enterprise_desktop:11:sp1:*:*:*:*:*:*
SUSE S.A./Linux Enterprise High Availability Extension
cpe:2.3:o:suse:linux_enterprise_high_availability_extension:11:sp1:*:*:*:*:*:*
SUSE S.A./Linux Enterprise Real Time
cpe:2.3:o:suse:linux_enterprise_real_time:11:sp1:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

bugzilla.redhat.com/show_bug.cginvdIssue TrackingPatchThird Party Advisory
jon.oberheide.org/files/i-can-haz-modharden.cnvdExploitMailing ListThird Party Advisory
www.securityfocus.com/bid/42585nvdExploitThird Party AdvisoryVDB Entry
lists.fedoraproject.org/pipermail/package-announce/2010-September/046947.htmlnvdMailing ListThird Party Advisory
lists.opensuse.org/opensuse-security-announce/2010-09/msg00004.htmlnvdMailing ListThird Party Advisory
lists.opensuse.org/opensuse-security-announce/2010-09/msg00005.htmlnvdMailing ListThird Party Advisory
lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.htmlnvdMailing ListThird Party Advisory
www.debian.org/security/2010/dsa-2094nvdThird Party Advisory
www.openwall.com/lists/oss-security/2010/08/20/2nvdMailing ListThird Party Advisory
secunia.com/advisories/41512nvdBroken Link
www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.53nvdBroken Link
www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.32.21nvdBroken Link
www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.34.6nvdBroken Link
www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.35.4nvdBroken Link
www.mandriva.com/security/advisoriesnvdBroken Link
www.vupen.com/english/advisories/2010/2430nvdBroken Link
www.vupen.com/english/advisories/2011/0298nvdBroken Link

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000