CVE-2010-3880

MEDIUM Year: 2010
CVSS v2 Score
4.9
Medium
Weakness Type
CWE-835
View all →

Vulnerability Description

net/ipv4/inet_diag.c in the Linux kernel before 2.6.37-rc2 does not properly audit INET_DIAG bytecode, which allows local users to cause a denial of service (kernel infinite loop) via crafted INET_DIAG_REQ_BYTECODE instructions in a netlink message that contains multiple attribute elements, as demonstrated by INET_DIAG_BC_JMP instructions.

Related Vulnerabilities

CVE-2018-20784

CRITICAL
CVSS:9.8(Critical)

In the Linux kernel before 4.20.2, kernel/sched/fair.c mishandles leaf cfs_rq's, which allows attackers to cause a denial of service (infinite loop in update_blocked_averages) or possibly have unspeci...

CWE-8352018

CVE-2021-42143

CRITICAL
CVSS:9.1(Critical)

An issue was discovered in Contiki-NG tinyDTLS through master branch 53a0d97. An infinite loop bug exists during the handling of a ClientHello handshake message. This bug allows remote attackers to ca...

CWE-8352021

CVE-2024-43366

CRITICAL
CVSS:9.1(Critical)

zkvyper is a Vyper compiler. Starting in version 1.3.12 and prior to version 1.5.3, since LLL IR has no Turing-incompletness restrictions, it is compiled to a loop with a much more late exit condition...

CWE-8352024

CVE-2018-8002

HIGH
CVSS:8.8(High)

In PoDoFo 0.9.5, there exists an infinite loop vulnerability in PdfParserObject::ParseFileComplete() in PdfParserObject.cpp which may result in stack overflow. Remote attackers could leverage this vul...

CWE-8352018

CVE-2023-20020

HIGH
CVSS:8.6(High)

A vulnerability in the Device Management Servlet application of Cisco BroadWorks Application Delivery Platform and Cisco BroadWorks Xtended Services Platform could allow an unauthenticated, remote att...

CWE-8352023

CVE-2023-20083

HIGH
CVSS:8.6(High)

A vulnerability in ICMPv6 inspection when configured with the Snort 2 detection engine for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the CP...

CWE-8352023