Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-vwj3-5b6z-17b1
Vulnerability ID VCID-vwj3-5b6z-17b1
Aliases CVE-2010-3432
Summary kernel: sctp: do not reset the packet during sctp_packet_config
Status Published
Exploitability 0.5
Weighted Severity 7.0
Risk 3.5
Affected and Fixed Packages Package Details
Weaknesses (3)
CWE-228 Improper Handling of Syntactically Invalid Structure
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE-20 Improper Input Validation
System Score Found at
epss 0.04322 https://api.first.org/data/v1/epss?cve=CVE-2010-3432
epss 0.04322 https://api.first.org/data/v1/epss?cve=CVE-2010-3432
epss 0.04322 https://api.first.org/data/v1/epss?cve=CVE-2010-3432
epss 0.04322 https://api.first.org/data/v1/epss?cve=CVE-2010-3432
epss 0.04322 https://api.first.org/data/v1/epss?cve=CVE-2010-3432
epss 0.04322 https://api.first.org/data/v1/epss?cve=CVE-2010-3432
epss 0.04322 https://api.first.org/data/v1/epss?cve=CVE-2010-3432
epss 0.04322 https://api.first.org/data/v1/epss?cve=CVE-2010-3432
epss 0.04322 https://api.first.org/data/v1/epss?cve=CVE-2010-3432
epss 0.04322 https://api.first.org/data/v1/epss?cve=CVE-2010-3432
epss 0.04322 https://api.first.org/data/v1/epss?cve=CVE-2010-3432
epss 0.04322 https://api.first.org/data/v1/epss?cve=CVE-2010-3432
epss 0.04322 https://api.first.org/data/v1/epss?cve=CVE-2010-3432
epss 0.04322 https://api.first.org/data/v1/epss?cve=CVE-2010-3432
cvssv2 7.8 https://nvd.nist.gov/vuln/detail/CVE-2010-3432
Reference id Reference type URL
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4bdab43323b459900578b200a4b8cf9713ac8fab
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00000.html
http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html
http://marc.info/?l=linux-netdev&m=128453869227715&w=3
http://marc.info/?l=oss-security&m=128534569803598&w=2
http://marc.info/?l=oss-security&m=128537701808336&w=2
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-3432.json
https://api.first.org/data/v1/epss?cve=CVE-2010-3432
http://secunia.com/advisories/42400
http://secunia.com/advisories/42778
http://secunia.com/advisories/42789
http://secunia.com/advisories/46397
http://www.debian.org/security/2010/dsa-2126
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.35.6
http://www.redhat.com/support/errata/RHSA-2010-0842.html
http://www.redhat.com/support/errata/RHSA-2010-0936.html
http://www.redhat.com/support/errata/RHSA-2010-0958.html
http://www.redhat.com/support/errata/RHSA-2011-0004.html
http://www.securityfocus.com/archive/1/520102/100/0/threaded
http://www.securityfocus.com/bid/43480
http://www.ubuntu.com/usn/USN-1000-1
http://www.vmware.com/security/advisories/VMSA-2011-0012.html
http://www.vupen.com/english/advisories/2010/3113
http://www.vupen.com/english/advisories/2011/0012
http://www.vupen.com/english/advisories/2011/0024
http://www.vupen.com/english/advisories/2011/0298
637675 https://bugzilla.redhat.com/show_bug.cgi?id=637675
cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:10.10:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:10.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:9.04:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:9.04:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:opensuse:11.3:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.3:*:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_real_time_extension:11:sp1:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_real_time_extension:11:sp1:*:*:*:*:*:*
CVE-2010-3432 https://nvd.nist.gov/vuln/detail/CVE-2010-3432
RHSA-2010:0842 https://access.redhat.com/errata/RHSA-2010:0842
RHSA-2010:0936 https://access.redhat.com/errata/RHSA-2010:0936
RHSA-2010:0958 https://access.redhat.com/errata/RHSA-2010:0958
RHSA-2011:0004 https://access.redhat.com/errata/RHSA-2011:0004
USN-1000-1 https://usn.ubuntu.com/1000-1/
USN-1074-1 https://usn.ubuntu.com/1074-1/
USN-1074-2 https://usn.ubuntu.com/1074-2/
USN-1083-1 https://usn.ubuntu.com/1083-1/
USN-1093-1 https://usn.ubuntu.com/1093-1/
No exploits are available.
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C Found at https://nvd.nist.gov/vuln/detail/CVE-2010-3432
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.88856
EPSS Score 0.04322
Published At April 1, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-04-01T14:57:04.563284+00:00 RedHat Importer Import https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-3432.json 38.0.0