First published: Wed Dec 08 2010
drivers/scsi/bfa/bfa_core.c in the Linux kernel before 2.6.35 does not initialize a certain port data structure, which allows local users to cause a denial of service (system crash) via read operations on an fc_host statistics file.
Credit: secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
debian/linux-2.6 | | |
Linux Kernel | <2.6.35 | |
VMware ESXi | =4.1 | |
VMware ESXi | =4.0 | |
CVE-2010-4343 is categorized as a medium severity vulnerability due to its potential to cause a denial of service.
To fix CVE-2010-4343, upgrade your Linux kernel to version 2.6.35 or later, or apply the relevant patches provided by your distribution.
CVE-2010-4343 affects all Linux kernel versions prior to 2.6.35.
Yes, CVE-2010-4343 specifically affects VMware ESX versions 4.0 and 4.1.
CVE-2010-4343 allows local users to crash the system by reading certain statistics files, leading to a denial of service.