CVE-2010-1086
kernel: dvb-core: DoS bug in ULE decapsulation code
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
The ULE decapsulation functionality in drivers/media/dvb/dvb-core/dvb_net.c in dvb-core in Linux kernel 2.6.33 and earlier allows attackers to cause a denial of service (infinite loop) via a crafted MPEG2-TS frame, related to an invalid Payload Pointer ULE.
La funcionalidad de descapsulación ULE en drivers/media/dvb/dvb-core/dvb_net.c en dvb-core en el kernel de Linux v2.6.33y anteriores permite a atacantes producir una denegación de servicio (bucle infinito) a través de un marco MPEG2-TS manipulado, relacionado con el payload de un puntero ULE no valido
It was discovered that the Linux kernel did not correctly handle memory protection of the Virtual Dynamic Shared Object page when running a 32-bit application on a 64-bit kernel. It was discovered that the r8169 network driver did not correctly check the size of Ethernet frames. Wei Yongjun discovered that SCTP did not correctly validate certain chunks. It was discovered that KVM did not correctly limit certain privileged IO accesses on x86. Evgeniy Polyakov discovered that IPv6 did not correctly handle certain TUN packets. Tons of other vulnerabilities have also been discovered and addressed.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2010-03-23 CVE Reserved
- 2010-04-06 CVE Published
- 2024-08-07 CVE Updated
- 2025-06-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-399: Resource Management Errors
- CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop')
CAPEC
References (19)
| URL | Tag | Source |
|---|---|---|
| http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=29e1fa3565a7951cc415c634eb2b78dbdbee151d | X_refsource_confirm | |
| http://secunia.com/advisories/39649 | Third Party Advisory | |
| http://secunia.com/advisories/39742 | Third Party Advisory | |
| http://secunia.com/advisories/39830 | Third Party Advisory | |
| http://secunia.com/advisories/43315 | Third Party Advisory | |
| http://support.avaya.com/css/P8/documents/100088287 | Third Party Advisory | |
| http://support.avaya.com/css/P8/documents/100090459 | Third Party Advisory | |
| http://www.securityfocus.com/archive/1/516397/100/0/threaded | Mailing List | |
| http://www.securityfocus.com/bid/38479 | Third Party Advisory | |
| http://www.vmware.com/security/advisories/VMSA-2011-0003.html | Third Party Advisory | |
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10569 | Signature |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://www.openwall.com/lists/oss-security/2010/03/01/1 | 2023-11-07 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=569237 | 2010-08-17 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | <= 2.6.33 Search vendor "Linux" for product "Linux Kernel" and version " <= 2.6.33" | - |
Affected
| ||||||
| Debian Search vendor "Debian" | Debian Linux Search vendor "Debian" for product "Debian Linux" | 5.0 Search vendor "Debian" for product "Debian Linux" and version "5.0" | - |
Affected
| ||||||