CVE-2010-4164

Multiple integer underflows in the x25_parse_facilities function in net/x25/x25_facilities.c in the Linux kernel before 2.6.36.2 allow remote attackers to cause a denial of service (system crash) via malformed X.25 (1) X25_FAC_CLASS_A, (2) X25_FAC_CLASS_B, (3) X25_FAC_CLASS_C, or (4) X25_FAC_CLASS_D facility data, a different vulnerability than CVE-2010-3873.

Published: Jan 3, 2011
Updated: Apr 13, 2023
CVE: CVE-2010-4164
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.8
AV:N/AC:L/Au:N/C:N/I:N/A:C

CWEs:

CWE-191

Affected Software
References

Software	From	Fixed in
linux / linux_kernel	-	2.6.36.2
suse / linux_enterprise_server	10-sp3	10-sp3.x
suse / linux_enterprise_desktop	11-sp1	11-sp1.x
suse / linux_enterprise_server	11-sp1	11-sp1.x
suse / linux_enterprise_server	9	9.x
opensuse / opensuse	11.2	11.2.x
opensuse / opensuse	11.3	11.3.x
suse / linux_enterprise_desktop	10-sp3	10-sp3.x
suse / linux_enterprise_software_development_kit	10-sp3	10-sp3.x
suse / linux_enterprise_real_time_extension	11-sp1	11-sp1.x
debian / debian_linux	5.0	5.0.x

Vulnerability Database

289,697

CVE-2010-4164