CVE-2010-4165
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2010-4165
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
The do_tcp_setsockopt function in net/ipv4/tcp.c in the Linux kernel before 2.6.37-rc2 does not properly restrict TCP_MAXSEG (aka MSS) values, which allows local users to cause a denial of service (OOPS) via a setsockopt call that specifies a small value, leading to a divide-by-zero error or incorrect use of a signed integer.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Linux Kernel do_tcp_setsockopt函数数字错误漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Linux Kernel 是开放源码操作系统Linux所使用的内核。 Linux kernel 2.6.37-rc2之前版本中的net/ipv4/tcp.c文件中的do_tcp_setsockopt函数不能正确限制TCP_MAXSEG(又名MSS)的值。在处理某些TCP最大分段值时存在错误,意外触发的将0用作除数错误可能导致内核崩溃。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2010-4165
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2010-4165
Please Login to view more intelligence information
- https://bugzilla.redhat.com/show_bug.cgi?id=652508x_refsource_CONFIRM
- http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.37-rc2x_refsource_CONFIRM
- http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00001.htmlvendor-advisoryx_refsource_SUSE
- http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.htmlvendor-advisoryx_refsource_SUSE
- http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00000.htmlvendor-advisoryx_refsource_SUSE
- http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00004.htmlvendor-advisoryx_refsource_SUSE
- https://nvd.nist.gov/vuln/detail/CVE-2010-4165
Same Patch Batch · n/a · 2010-11-20 · 26 CVEs total
| CVE-2010-3872 | 7.5 HIGH | Httpd: mod_fcgid: stack-based buffer overflow in fcgid_header_bucket_read() in modules/fcg |
| CVE-2010-3817 | Apple Safari WebKit设计错误漏洞 | |
| CVE-2010-4299 | Novell ZHM ZfHIPCND.exe文件堆缓冲区溢出漏洞 | |
| CVE-2010-4210 | FreeBSD pfs_getextattr函数权限许可和访问控制漏洞 | |
| CVE-2010-4169 | Linux Kernel mm/mprotect.c文件释放后使用漏洞 | |
| CVE-2010-3826 | Apple WebKit SVG文档中颜色处理远程代码执行漏洞 | |
| CVE-2010-3824 | Apple Safari WebKit SVG使用元素资源管理错误漏洞 | |
| CVE-2010-3823 | Apple Safari WebKit Geolocation对象资源管理错误漏洞 | |
| CVE-2010-3822 | Apple Safari WebKit web站点任意代码执行和拒绝服务漏洞 | |
| CVE-2010-3821 | Apple Safari WebKit缓冲区溢出漏洞 | |
| CVE-2010-3820 | Apple Safari WebKit资源管理错误漏洞 | |
| CVE-2010-3819 | Apple Safari WebKit代码注入漏洞 | |
| CVE-2010-3818 | Apple Safari WebKit资源管理错误漏洞 | |
| CVE-2010-3432 | Linux kernel 输入验证错误漏洞 | |
| CVE-2010-3816 | Apple Safari WebKit资源管理错误漏洞 | |
| CVE-2010-3813 | Apple Safari WebKit权限许可和访问控制漏洞 | |
| CVE-2010-3812 | Apple Safari WebKit整数溢出漏洞 | |
| CVE-2010-3811 | Apple Safari WebKit释放后使用漏洞 | |
| CVE-2010-3810 | Apple Safari WebKit跨源攻击URL欺骗漏洞 | |
| CVE-2010-3809 | Apple Safari WebKit代码注入漏洞 |
Showing top 20 of 26 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
Same vendor: n/a
- CVE-2026-6667
PgBouncer missing authorization check in KILL_CLIENT admin c - CVE-2026-6666
PgBouncer crash in kill_pool_logins_server_error - CVE-2026-6665
PgBouncer buffer overflow in SCRAM - CVE-2026-6664
PgBouncer integer overflow in PgBouncer network packet parsi - CVE-2026-8127
eladmin Users API Endpoint UserController.java checkLevel ac
V. Comments for CVE-2010-4165
No comments yet