*** This bug is a security vulnerability *** Public security bug reported:
The do_tcp_setsockopt function in net/ipv4/tcp.c in the Linux kernel before 2.6.37-rc2 does not properly restrict TCP_MAXSEG (aka MSS) values, which allows local users to cause a denial of service (OOPS) via a setsockopt call that specifies a small value, leading to a divide-by-zero error or incorrect use of a signed integer. ** Affects: linux (Ubuntu) Importance: Undecided Status: New ** Tags: kernel-cve-tracker ** Tags added: kernel-cve-tracker ** Package changed: ubuntu => linux (Ubuntu) ** Visibility changed to: Public -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/806374 Title: CVE-2010-4165 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/806374/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs