Oval Definition:oval:org.mitre.oval:def:21825
Revision Date:2014-02-24Version:61
Title:RHSA-2011:0303: kernel security and bug fix update (Moderate)
Description:The socket implementation in net/core/sock.c in the Linux kernel before 2.6.35 does not properly manage a backlog of received packets, which allows remote attackers to cause a denial of service by sending a large amount of network traffic, related to the sk_add_backlog function and the sk_rmem_alloc socket field. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-4251.
Family:unixClass:patch
Status:ACCEPTEDReference(s):CESA-2011:0303
CVE-2010-4249
CVE-2010-4251
CVE-2010-4655
CVE-2010-4805
RHSA-2011:0303-01
Platform(s):CentOS Linux 5
Red Hat Enterprise Linux 5
Product(s):kernel
Definition Synopsis
  • Redhat 5 or Centos 5 release
  • The operating system installed on the system is Red Hat Enterprise Linux 5
  • OR The operating system installed on the system is CentOS Linux 5.x
  • AND Packages section
  • kernel-headers is earlier than 0:2.6.18-238.5.1.el5
  • OR kernel is earlier than 0:2.6.18-238.5.1.el5
  • OR kernel-doc is earlier than 0:2.6.18-238.5.1.el5
  • OR kernel-PAE-devel is earlier than 0:2.6.18-238.5.1.el5
  • OR kernel-devel is earlier than 0:2.6.18-238.5.1.el5
  • OR kernel-debug is earlier than 0:2.6.18-238.5.1.el5
  • OR kernel-kdump is earlier than 0:2.6.18-238.5.1.el5
  • OR kernel-xen-devel is earlier than 0:2.6.18-238.5.1.el5
  • OR kernel-debug-devel is earlier than 0:2.6.18-238.5.1.el5
  • OR kernel-PAE is earlier than 0:2.6.18-238.5.1.el5
  • OR kernel-kdump-devel is earlier than 0:2.6.18-238.5.1.el5
  • OR kernel-xen is earlier than 0:2.6.18-238.5.1.el5
    • BACK