Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2010-4250

Overview

Vulnerability Score 4.9 4.9
CVE Id CVE-2010-4250
Last Modified 26 Jun 2012 12:00:00
Published 21 Jun 2012 07:55:01
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2010-4250

Summary

Memory leak in the inotify_init1 function in fs/notify/inotify/inotify_user.c in the Linux kernel before 2.6.37 allows local users to cause a denial of service (memory consumption) via vectors involving failed attempts to create files.

Vulnerable Systems

Operating System

  • Linux Kernel 2.6.36.1

  • Linux Kernel 2.6.36.2

  • Linux Kernel 2.6.36.3

  • Linux Kernel 2.6.36.4


References

CONFIRM - https://github.com/torvalds/linux/commit/a2ae4cc9a16e211c8a128ba10d22a85431f093ab

CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=656830

MLIST - [oss-security] 20101124 Re: CVE request: kernel: inotify memory leak

CONFIRM - http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=a2ae4cc9a16e211c8a128ba10d22a85431f093ab

CONFIRM - http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.37


Last Updated: 27 May 2016 10:56:33