Release date: 2010-05-21
Updated on:
Affected Systems:
Linux kernel 2.6.11.11-2.6.34
Unaffected system:
Linux kernel 2.6.35-rc1
Description:
--------------------------------------------------------------------------------
Bugtraq id: 45262
Cve id: CVE-2010-4343
Linux Kernel is the Kernel used by open source Linux.
Linux Kernel has a local denial of service vulnerability. Local attackers can exploit this vulnerability to crash affected Kernel and cause denial of service to legitimate users.
This problem occurs because the port data structure related to the fc_host dataset is not initialized.
<* Source: Krishna Gudipati
Link: http://www.spinics.net/lists/linux-scsi/msg43772.html
*>
Suggestion:
--------------------------------------------------------------------------------
Vendor patch:
Linux
-----
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:
Http://www.kernel.org/