ByteOS Network

Vulnerability Details :

CVE-2010-4160

Assigner-redhat

Assigner Org ID-53f830b8-0a3f-465b-8143-3b8a9948e749

Published At-07 Jan, 2011 | 11:00

Updated At-07 Aug, 2024 | 03:34

Multiple integer overflows in the (1) pppol2tp_sendmsg function in net/l2tp/l2tp_ppp.c, and the (2) l2tp_ip_sendmsg function in net/l2tp/l2tp_ip.c, in the PPPoL2TP and IPoL2TP implementations in the Linux kernel before 2.6.36.2 allow local users to cause a denial of service (heap memory corruption and panic) or possibly gain privileges via a crafted sendto call.

EPSS History

Score

Latest Score

N/A

Percentile

Latest Percentile

N/A

▼Common Vulnerabilities and Exposures (CVE)

cve.org

Assigner:redhat

Assigner Org ID:53f830b8-0a3f-465b-8143-3b8a9948e749

Published At:07 Jan, 2011 | 11:00

Updated At:07 Aug, 2024 | 03:34

▼CVE Numbering Authority (CNA)

Affected Products

Vendor

n/a

Product

n/a

Versions

Affected

Problem Types

Type	CWE ID	Description
text	N/A	n/a

Type: text

CWE ID: N/A

Description: n/a

References

Hyperlink	Resource
http://secunia.com/advisories/43056	third-party-advisory x_refsource_SECUNIA
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00004.html	vendor-advisory x_refsource_SUSE
http://secunia.com/advisories/42801	third-party-advisory x_refsource_SECUNIA
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00001.html	vendor-advisory x_refsource_SUSE
http://openwall.com/lists/oss-security/2010/11/24/6	mailing-list x_refsource_MLIST
http://secunia.com/advisories/42932	third-party-advisory x_refsource_SECUNIA
http://www.redhat.com/support/errata/RHSA-2011-0007.html	vendor-advisory x_refsource_REDHAT
http://www.vupen.com/english/advisories/2011/0124	vdb-entry x_refsource_VUPEN
http://www.spinics.net/lists/netdev/msg145673.html	mailing-list x_refsource_MLIST
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.36.2	x_refsource_CONFIRM
http://openwall.com/lists/oss-security/2010/11/24/12	mailing-list x_refsource_MLIST
https://bugzilla.redhat.com/show_bug.cgi?id=651892	x_refsource_CONFIRM
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00007.html	vendor-advisory x_refsource_SUSE
http://www.vupen.com/english/advisories/2011/0375	vdb-entry x_refsource_VUPEN
http://secunia.com/advisories/42890	third-party-advisory x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2011/0012	vdb-entry x_refsource_VUPEN
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=8acfe468b0384e834a303f08ebc4953d72fb690a	x_refsource_CONFIRM
http://www.securityfocus.com/bid/44762	vdb-entry x_refsource_BID
http://openwall.com/lists/oss-security/2010/11/24/4	mailing-list x_refsource_MLIST
http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00002.html	vendor-advisory x_refsource_SUSE
http://openwall.com/lists/oss-security/2010/11/10/5	mailing-list x_refsource_MLIST
http://xorl.wordpress.com/2010/11/11/cve-2010-4160-linux-kernel-l2tp-integer-overflows/	x_refsource_MISC
http://openwall.com/lists/oss-security/2010/11/24/5	mailing-list x_refsource_MLIST
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=253eacc070b114c2ec1f81b067d2fed7305467b0	x_refsource_CONFIRM
http://secunia.com/advisories/43291	third-party-advisory x_refsource_SECUNIA
http://openwall.com/lists/oss-security/2010/11/10/16	mailing-list x_refsource_MLIST
http://www.vupen.com/english/advisories/2011/0213	vdb-entry x_refsource_VUPEN
http://www.spinics.net/lists/netdev/msg145248.html	mailing-list x_refsource_MLIST

Hyperlink: http://secunia.com/advisories/43056

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00004.html

Resource:

vendor-advisory

x_refsource_SUSE

Hyperlink: http://secunia.com/advisories/42801

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00001.html

Resource:

vendor-advisory

x_refsource_SUSE

Hyperlink: http://openwall.com/lists/oss-security/2010/11/24/6

Resource:

mailing-list

x_refsource_MLIST

Hyperlink: http://secunia.com/advisories/42932

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: http://www.redhat.com/support/errata/RHSA-2011-0007.html

Resource:

vendor-advisory

x_refsource_REDHAT

Hyperlink: http://www.vupen.com/english/advisories/2011/0124

Resource:

vdb-entry

x_refsource_VUPEN

Hyperlink: http://www.spinics.net/lists/netdev/msg145673.html

Resource:

mailing-list

x_refsource_MLIST

Hyperlink: http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.36.2

Resource:

x_refsource_CONFIRM

Hyperlink: http://openwall.com/lists/oss-security/2010/11/24/12

Resource:

mailing-list

x_refsource_MLIST

Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=651892

Resource:

x_refsource_CONFIRM

Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00007.html

Resource:

vendor-advisory

x_refsource_SUSE

Hyperlink: http://www.vupen.com/english/advisories/2011/0375

Resource:

vdb-entry

x_refsource_VUPEN

Hyperlink: http://secunia.com/advisories/42890

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: http://www.vupen.com/english/advisories/2011/0012

Resource:

vdb-entry

x_refsource_VUPEN

Hyperlink: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=8acfe468b0384e834a303f08ebc4953d72fb690a

Resource:

x_refsource_CONFIRM

Hyperlink: http://www.securityfocus.com/bid/44762

Resource:

vdb-entry

x_refsource_BID

Hyperlink: http://openwall.com/lists/oss-security/2010/11/24/4

Resource:

mailing-list

x_refsource_MLIST

Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00002.html

Resource:

vendor-advisory

x_refsource_SUSE

Hyperlink: http://openwall.com/lists/oss-security/2010/11/10/5

Resource:

mailing-list

x_refsource_MLIST

Hyperlink: http://xorl.wordpress.com/2010/11/11/cve-2010-4160-linux-kernel-l2tp-integer-overflows/

Resource:

x_refsource_MISC

Hyperlink: http://openwall.com/lists/oss-security/2010/11/24/5

Resource:

mailing-list

x_refsource_MLIST

Hyperlink: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=253eacc070b114c2ec1f81b067d2fed7305467b0

Resource:

x_refsource_CONFIRM

Hyperlink: http://secunia.com/advisories/43291

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: http://openwall.com/lists/oss-security/2010/11/10/16

Resource:

mailing-list

x_refsource_MLIST

Hyperlink: http://www.vupen.com/english/advisories/2011/0213

Resource:

vdb-entry

x_refsource_VUPEN

Hyperlink: http://www.spinics.net/lists/netdev/msg145248.html

Resource:

mailing-list

x_refsource_MLIST

▼Authorized Data Publishers (ADP)

CVE Program Container

References

Hyperlink	Resource
http://secunia.com/advisories/43056	third-party-advisory x_refsource_SECUNIA x_transferred
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00004.html	vendor-advisory x_refsource_SUSE x_transferred
http://secunia.com/advisories/42801	third-party-advisory x_refsource_SECUNIA x_transferred
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00001.html	vendor-advisory x_refsource_SUSE x_transferred
http://openwall.com/lists/oss-security/2010/11/24/6	mailing-list x_refsource_MLIST x_transferred
http://secunia.com/advisories/42932	third-party-advisory x_refsource_SECUNIA x_transferred
http://www.redhat.com/support/errata/RHSA-2011-0007.html	vendor-advisory x_refsource_REDHAT x_transferred
http://www.vupen.com/english/advisories/2011/0124	vdb-entry x_refsource_VUPEN x_transferred
http://www.spinics.net/lists/netdev/msg145673.html	mailing-list x_refsource_MLIST x_transferred
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.36.2	x_refsource_CONFIRM x_transferred
http://openwall.com/lists/oss-security/2010/11/24/12	mailing-list x_refsource_MLIST x_transferred
https://bugzilla.redhat.com/show_bug.cgi?id=651892	x_refsource_CONFIRM x_transferred
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00007.html	vendor-advisory x_refsource_SUSE x_transferred
http://www.vupen.com/english/advisories/2011/0375	vdb-entry x_refsource_VUPEN x_transferred
http://secunia.com/advisories/42890	third-party-advisory x_refsource_SECUNIA x_transferred
http://www.vupen.com/english/advisories/2011/0012	vdb-entry x_refsource_VUPEN x_transferred
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=8acfe468b0384e834a303f08ebc4953d72fb690a	x_refsource_CONFIRM x_transferred
http://www.securityfocus.com/bid/44762	vdb-entry x_refsource_BID x_transferred
http://openwall.com/lists/oss-security/2010/11/24/4	mailing-list x_refsource_MLIST x_transferred
http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00002.html	vendor-advisory x_refsource_SUSE x_transferred
http://openwall.com/lists/oss-security/2010/11/10/5	mailing-list x_refsource_MLIST x_transferred
http://xorl.wordpress.com/2010/11/11/cve-2010-4160-linux-kernel-l2tp-integer-overflows/	x_refsource_MISC x_transferred
http://openwall.com/lists/oss-security/2010/11/24/5	mailing-list x_refsource_MLIST x_transferred
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=253eacc070b114c2ec1f81b067d2fed7305467b0	x_refsource_CONFIRM x_transferred
http://secunia.com/advisories/43291	third-party-advisory x_refsource_SECUNIA x_transferred
http://openwall.com/lists/oss-security/2010/11/10/16	mailing-list x_refsource_MLIST x_transferred
http://www.vupen.com/english/advisories/2011/0213	vdb-entry x_refsource_VUPEN x_transferred
http://www.spinics.net/lists/netdev/msg145248.html	mailing-list x_refsource_MLIST x_transferred

Hyperlink: http://secunia.com/advisories/43056

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00004.html

Resource:

vendor-advisory

x_refsource_SUSE

x_transferred

Hyperlink: http://secunia.com/advisories/42801

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00001.html

Resource:

vendor-advisory

x_refsource_SUSE

x_transferred

Hyperlink: http://openwall.com/lists/oss-security/2010/11/24/6

Resource:

mailing-list

x_refsource_MLIST

x_transferred

Hyperlink: http://secunia.com/advisories/42932

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: http://www.redhat.com/support/errata/RHSA-2011-0007.html

Resource:

vendor-advisory

x_refsource_REDHAT

x_transferred

Hyperlink: http://www.vupen.com/english/advisories/2011/0124

Resource:

vdb-entry

x_refsource_VUPEN

x_transferred

Hyperlink: http://www.spinics.net/lists/netdev/msg145673.html

Resource:

mailing-list

x_refsource_MLIST

x_transferred

Hyperlink: http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.36.2

Resource:

x_refsource_CONFIRM

x_transferred

Hyperlink: http://openwall.com/lists/oss-security/2010/11/24/12

Resource:

mailing-list

x_refsource_MLIST

x_transferred

Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=651892

Resource:

x_refsource_CONFIRM

x_transferred

Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00007.html

Resource:

vendor-advisory

x_refsource_SUSE

x_transferred

Hyperlink: http://www.vupen.com/english/advisories/2011/0375

Resource:

vdb-entry

x_refsource_VUPEN

x_transferred

Hyperlink: http://secunia.com/advisories/42890

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: http://www.vupen.com/english/advisories/2011/0012

Resource:

vdb-entry

x_refsource_VUPEN

x_transferred

Hyperlink: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=8acfe468b0384e834a303f08ebc4953d72fb690a

Resource:

x_refsource_CONFIRM

x_transferred

Hyperlink: http://www.securityfocus.com/bid/44762

Resource:

vdb-entry

x_refsource_BID

x_transferred

Hyperlink: http://openwall.com/lists/oss-security/2010/11/24/4

Resource:

mailing-list

x_refsource_MLIST

x_transferred

Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00002.html

Resource:

vendor-advisory

x_refsource_SUSE

x_transferred

Hyperlink: http://openwall.com/lists/oss-security/2010/11/10/5

Resource:

mailing-list

x_refsource_MLIST

x_transferred

Hyperlink: http://xorl.wordpress.com/2010/11/11/cve-2010-4160-linux-kernel-l2tp-integer-overflows/

Resource:

x_refsource_MISC

x_transferred

Hyperlink: http://openwall.com/lists/oss-security/2010/11/24/5

Resource:

mailing-list

x_refsource_MLIST

x_transferred

Hyperlink: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=253eacc070b114c2ec1f81b067d2fed7305467b0

Resource:

x_refsource_CONFIRM

x_transferred

Hyperlink: http://secunia.com/advisories/43291

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: http://openwall.com/lists/oss-security/2010/11/10/16

Resource:

mailing-list

x_refsource_MLIST

x_transferred

Hyperlink: http://www.vupen.com/english/advisories/2011/0213

Resource:

vdb-entry

x_refsource_VUPEN

x_transferred

Hyperlink: http://www.spinics.net/lists/netdev/msg145248.html

Resource:

mailing-list

x_refsource_MLIST

x_transferred

▼National Vulnerability Database (NVD)

nvd.nist.gov

Source:secalert@redhat.com

Published At:07 Jan, 2011 | 12:00

Updated At:11 Apr, 2025 | 00:51

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Primary	2.0	6.9	MEDIUM	AV:L/AC:M/Au:N/C:C/I:C/A:C

Type: Primary

Version: 2.0

Base score: 6.9

Base severity: MEDIUM

Vector:

AV:L/AC:M/Au:N/C:C/I:C/A:C

CPE Matches

Weaknesses

CWE ID	Type	Source
CWE-190	Primary	nvd@nist.gov

CWE ID: CWE-190

Type: Primary

Source: nvd@nist.gov