CVE Database

CVE-2010-3873

Bugzilla: 649693: CVE-2010-3873 kernel: memory corruption in X.25 facilities parsing

Details

The MITRE CVE dictionary describes this issue as:

The X.25 implementation in the Linux kernel before 2.6.36.2 does not properly parse facilities, which allows remote attackers to cause a denial of service (heap memory corruption and panic) or possibly have unspecified other impact via malformed (1) X25_FAC_CALLING_AE or (2) X25_FAC_CALLED_AE data, related to net/x25/x25_facilities.c and net/x25/x25_in.c, a different vulnerability than CVE-2010-4164.

Find out more about CVE-2010-3873 from the MITRE CVE dictionary and NIST NVD.

Statement

This issue did not affect the version of Linux kernel as shipped with Red Hat
Enterprise Linux 3, 4, 5, and Red Hat Enterprise MRG as they did not include
support for CCITT X.25 Packet Layer.

Red Hat security errata

Platform Errata Release Date

External References

Acknowledgements

Red Hat would like to thank Dan Rosenberg for reporting this issue.

This page is generated automatically and has not been checked for errors or omissions.

For clarification or corrections please contact the Red Hat Security Response Team.