Executive Summary
| Informations | |||
|---|---|---|---|
| Name | CVE-2010-4243 | First vendor Publication | 2011-01-22 |
| Vendor | Cve | Last vendor Modification | 2024-11-21 |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:L/AC:L/Au:N/C:N/I:N/A:C) | |||
|---|---|---|---|
| Cvss Base Score | 4.9 | Attack Range | Local |
| Cvss Impact Score | 6.9 | Attack Complexity | Low |
| Cvss Expoit Score | 3.9 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| fs/exec.c in the Linux kernel before 2.6.37 does not enable the OOM Killer to assess use of stack memory by arrays representing the (1) arguments and (2) environment, which allows local users to cause a denial of service (memory consumption) via a crafted exec system call, aka an "OOM dodging issue," a related issue to CVE-2010-3858. |
Original Source
| Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4243 |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|---|---|
| 100 % | CWE-400 | Uncontrolled Resource Consumption ('Resource Exhaustion') |
OVAL Definitions
| Definition Id: oval:org.mitre.oval:def:20503 | |||
| Oval ID: | oval:org.mitre.oval:def:20503 | ||
| Title: | VMware ESX third party updates for Service Console packages glibc and dhcp | ||
| Description: | fs/exec.c in the Linux kernel before 2.6.37 does not enable the OOM Killer to assess use of stack memory by arrays representing the (1) arguments and (2) environment, which allows local users to cause a denial of service (memory consumption) via a crafted exec system call, aka an "OOM dodging issue," a related issue to CVE-2010-3858. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2010-4243 | Version: | 4 |
| Platform(s): | VMWare ESX Server 4.1 VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:28178 | |||
| Oval ID: | oval:org.mitre.oval:def:28178 | ||
| Title: | DEPRECATED: ELSA-2011-0283 -- kernel security, bug fix, and enhancement update (moderate) | ||
| Description: | [2.6.32-71.18.1.el6] - [netdrv] ixgbe: make sure FCoE DDP user buffers are really released by the HW (Frantisek Hrbata) [674002 617193] - [netdrv] ixgbe: invalidate FCoE DDP context when no error status is available (Frantisek Hrbata) [674002 617193] - [netdrv] ixgbe: avoid doing FCoE DDP when adapter is DOWN or RESETTING (Frantisek Hrbata) [674002 617193] - [fcoe] libfc: remove tgt_flags from fc_fcp_pkt struct (Mike Christie) [666797 633915] - [fcoe] libfc: use rport timeout values for fcp recovery (Frantisek Hrbata) [666797 633915] - [fcoe] libfc: incorrect scsi host byte codes returned to scsi-ml (Mike Christie) [666797 633915] - [scsi] scsi_dh_alua: fix overflow in alua_rtpg port group id check (Mike Snitzer) [673978 670572] | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2011-0283 CVE-2010-4165 CVE-2010-4169 CVE-2010-4243 | Version: | 4 |
| Platform(s): | Oracle Linux 6 | Product(s): | kernel |
| Definition Synopsis: | |||
| |||
CPE : Common Platform Enumeration
OpenVAS Exploits
| Date | Description |
|---|---|
| 2012-07-09 | Name : RedHat Update for kernel RHSA-2011:0283-01 File : nvt/gb_RHSA-2011_0283-01_kernel.nasl |
| 2012-03-16 | Name : VMSA-2011-0012.3 VMware ESXi and ESX updates to third party libraries and ESX... File : nvt/gb_VMSA-2011-0012.nasl |
| 2011-09-23 | Name : RedHat Update for kernel RHSA-2011:1321-01 File : nvt/gb_RHSA-2011_1321-01_kernel.nasl |
| 2011-09-16 | Name : Ubuntu Update for linux-ti-omap4 USN-1202-1 File : nvt/gb_ubuntu_USN_1202_1.nasl |
| 2011-09-16 | Name : Ubuntu Update for linux-fsl-imx51 USN-1204-1 File : nvt/gb_ubuntu_USN_1204_1.nasl |
| 2011-07-18 | Name : Ubuntu Update for linux-mvl-dove USN-1159-1 File : nvt/gb_ubuntu_USN_1159_1.nasl |
| 2011-07-18 | Name : Ubuntu Update for linux USN-1167-1 File : nvt/gb_ubuntu_USN_1167_1.nasl |
| 2011-07-08 | Name : Ubuntu Update for linux-mvl-dove USN-1162-1 File : nvt/gb_ubuntu_USN_1162_1.nasl |
| 2011-06-06 | Name : Ubuntu Update for linux USN-1141-1 File : nvt/gb_ubuntu_USN_1141_1.nasl |
| 2011-05-06 | Name : SuSE Update for kernel SUSE-SA:2011:020 File : nvt/gb_suse_2011_020.nasl |
| 2011-04-22 | Name : SuSE Update for kernel SUSE-SA:2011:017 File : nvt/gb_suse_2011_017.nasl |
| 2011-03-07 | Name : Debian Security Advisory DSA 2153-1 (linux-2.6) File : nvt/deb_2153_1.nasl |
| 2011-01-14 | Name : RedHat Update for Red Hat Enterprise Linux 5.6 kernel RHSA-2011:0017-01 File : nvt/gb_RHSA-2011_0017-01_Red_Hat_Enterprise_Linux_5.6_kernel.nasl |
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 70659 | Linux Kernel fs/exec.c Crafted Exec System Call OOM Dodging Local DoS Linux Kernel contains a flaw that may allow a local denial of service. The issue is triggered when fs/exec.c fails to enable the OOM Killer to assess memory use representing the arguments and environment, allowing a local attacker to use a crafted exec system call to cause an 'OOM dodging issue' denial of service. |
Information Assurance Vulnerability Management (IAVM)
| Date | Description |
|---|---|
| 2011-10-27 | IAVM : 2011-A-0147 - Multiple Vulnerabilities in VMware ESX and ESXi Severity : Category I - VMSKEY : V0030545 |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2016-03-04 | Name : The remote VMware ESX / ESXi host is missing a security-related patch. File : vmware_VMSA-2011-0012_remote.nasl - Type : ACT_GATHER_INFO |
| 2014-07-22 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-1253.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_kernel-110414.nasl - Type : ACT_GATHER_INFO |
| 2013-11-13 | Name : The remote VMware ESXi 5.0 host is affected by multiple security vulnerabilit... File : vmware_esxi_5_0_build_515841_remote.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-0283.nasl - Type : ACT_GATHER_INFO |
| 2013-03-09 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1083-1.nasl - Type : ACT_GATHER_INFO |
| 2013-01-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-1321.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20110222_kernel_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
| 2011-10-14 | Name : The remote VMware ESXi / ESX host is missing one or more security-related pat... File : vmware_VMSA-2011-0012.nasl - Type : ACT_GATHER_INFO |
| 2011-09-14 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1202-1.nasl - Type : ACT_GATHER_INFO |
| 2011-09-14 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1204-1.nasl - Type : ACT_GATHER_INFO |
| 2011-07-14 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1159-1.nasl - Type : ACT_GATHER_INFO |
| 2011-07-14 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1167-1.nasl - Type : ACT_GATHER_INFO |
| 2011-07-06 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1162-1.nasl - Type : ACT_GATHER_INFO |
| 2011-06-13 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1141-1.nasl - Type : ACT_GATHER_INFO |
| 2011-05-05 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_kernel-110413.nasl - Type : ACT_GATHER_INFO |
| 2011-03-09 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_kernel-110228.nasl - Type : ACT_GATHER_INFO |
| 2011-02-23 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-0283.nasl - Type : ACT_GATHER_INFO |
| 2011-02-02 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1054-1.nasl - Type : ACT_GATHER_INFO |
| 2011-01-31 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2153.nasl - Type : ACT_GATHER_INFO |
| 2011-01-14 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-0017.nasl - Type : ACT_GATHER_INFO |
Sources (Detail)
Alert History
| Date | Informations |
|---|---|
| 2024-11-28 23:06:19 |
|
| 2024-11-28 12:23:34 |
|
| 2024-08-02 12:14:56 |
|
| 2024-08-02 01:04:07 |
|
| 2024-02-02 01:14:30 |
|
| 2024-02-01 12:04:02 |
|
| 2023-09-05 12:13:31 |
|
| 2023-09-05 01:03:54 |
|
| 2023-09-02 12:13:36 |
|
| 2023-09-02 01:03:57 |
|
| 2023-08-12 12:16:12 |
|
| 2023-08-12 01:03:57 |
|
| 2023-08-11 12:13:39 |
|
| 2023-08-11 01:04:05 |
|
| 2023-08-06 12:13:07 |
|
| 2023-08-06 01:03:59 |
|
| 2023-08-04 12:13:13 |
|
| 2023-08-04 01:03:59 |
|
| 2023-07-14 12:13:10 |
|
| 2023-07-14 01:03:57 |
|
| 2023-03-29 01:15:05 |
|
| 2023-03-28 12:04:03 |
|
| 2023-02-13 09:29:01 |
|
| 2022-10-11 12:11:45 |
|
| 2022-10-11 01:03:44 |
|
| 2022-03-11 01:09:45 |
|
| 2021-05-25 12:07:24 |
|
| 2021-05-04 12:13:38 |
|
| 2021-04-22 01:14:25 |
|
| 2020-08-12 21:23:03 |
|
| 2020-08-11 12:05:37 |
|
| 2020-08-08 01:05:40 |
|
| 2020-08-07 12:05:45 |
|
| 2020-08-07 01:05:46 |
|
| 2020-08-01 12:05:43 |
|
| 2020-07-30 01:05:55 |
|
| 2020-05-23 01:43:02 |
|
| 2020-05-23 00:26:54 |
|
| 2019-01-25 12:03:27 |
|
| 2018-11-17 12:01:58 |
|
| 2018-10-30 12:03:43 |
|
| 2018-10-11 00:20:00 |
|
| 2017-08-17 09:23:09 |
|
| 2016-07-01 11:07:06 |
|
| 2016-06-29 00:16:15 |
|
| 2016-06-28 18:22:35 |
|
| 2016-04-26 20:14:11 |
|
| 2016-03-05 13:26:42 |
|
| 2014-07-23 13:24:31 |
|
| 2014-06-14 13:29:45 |
|
| 2014-02-17 10:58:36 |
|
| 2013-11-11 12:39:04 |
|
| 2013-05-10 23:36:52 |
|
