|Bugzilla:||649693: CVE-2010-3873 kernel: memory corruption in X.25 facilities parsing|
The MITRE CVE dictionary describes this issue as:
The X.25 implementation in the Linux kernel before 126.96.36.199 does not properly parse facilities, which allows remote attackers to cause a denial of service (heap memory corruption and panic) or possibly have unspecified other impact via malformed (1) X25_FAC_CALLING_AE or (2) X25_FAC_CALLED_AE data, related to net/x25/x25_facilities.c and net/x25/x25_in.c, a different vulnerability than CVE-2010-4164.
This issue did not affect the version of Linux kernel as shipped with Red Hat
Enterprise Linux 3, 4, 5, and Red Hat Enterprise MRG as they did not include
support for CCITT X.25 Packet Layer.
Red Hat security errata
Red Hat would like to thank Dan Rosenberg for reporting this issue.
This page is generated automatically and has not been checked for errors or omissions.
For clarification or corrections please contact the Red Hat Security Response Team.