Unrated severityNVD Advisory· Published Nov 29, 2010· Updated Apr 29, 2026

CVE-2010-4249

Description

The wait_for_unix_gc function in net/unix/garbage.c in the Linux kernel before 2.6.37-rc3-next-20101125 does not properly select times for garbage collection of inflight sockets, which allows local users to cause a denial of service (system hang) via crafted use of the socketpair and sendmsg system calls for SOCK_SEQPACKET sockets.

Affected products

Linux/Kernel4 versions
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*range: <2.6.37
- cpe:2.3:o:linux:linux_kernel:2.6.37:-:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:2.6.37:rc1:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:2.6.37:rc2:*:*:*:*:*:*
Fedoraproject/Fedora
cpe:2.3:o:fedoraproject:fedora:13:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

lkml.org/lkml/2010/11/23/450nvdPatchThird Party Advisory
bugzilla.redhat.com/show_bug.cginvdIssue TrackingPatchThird Party Advisory
lkml.org/lkml/2010/11/23/395nvdExploitThird Party Advisory
lkml.org/lkml/2010/11/25/8nvdExploitThird Party Advisory
marc.infonvdExploitMailing ListPatch
www.exploit-db.com/exploits/15622/nvdExploitThird Party AdvisoryVDB Entry
www.openwall.com/lists/oss-security/2010/11/24/10nvdExploitMailing ListPatchThird Party Advisory
www.openwall.com/lists/oss-security/2010/11/24/2nvdExploitMailing ListThird Party Advisory
lists.fedoraproject.org/pipermail/package-announce/2010-December/052513.htmlnvdThird Party Advisory
secunia.com/advisories/42354nvdThird Party Advisory
secunia.com/advisories/42745nvdThird Party Advisory
secunia.com/advisories/42890nvdThird Party Advisory
secunia.com/advisories/42963nvdThird Party Advisory
secunia.com/advisories/46397nvdThird Party Advisory
www.redhat.com/support/errata/RHSA-2011-0007.htmlnvdThird Party Advisory
www.redhat.com/support/errata/RHSA-2011-0162.htmlnvdThird Party Advisory
www.securityfocus.com/archive/1/520102/100/0/threadednvdThird Party AdvisoryVDB Entry
www.securityfocus.com/bid/45037nvdThird Party AdvisoryVDB Entry
www.vmware.com/security/advisories/VMSA-2011-0012.htmlnvdThird Party Advisory
www.vupen.com/english/advisories/2010/3321nvdThird Party Advisory
www.vupen.com/english/advisories/2011/0168nvdThird Party Advisory
www.kernel.org/pub/linux/kernel/v2.6/next/patch-v2.6.37-rc3-next-20101125.bz2nvdBroken Link

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000