Lucene search

[email protected]CVE-2011-0714

HistoryMay 04, 2011 - 10:55 p.m.

CVE-2011-0714

2011-05-0422:55:02

CWE-399

[email protected]

web.nvd.nist.gov

cve-2011-0714

use-after-free vulnerability

red hat

rpc server

linux kernel 2.6.32

rhel 6

denial of service

nvd

5.7 Medium

CVSS2

Attack Vector

ADJACENT_NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:A/AC:M/Au:N/C:N/I:N/A:C

7 High

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

74.5%

JSON

Use-after-free vulnerability in a certain Red Hat patch for the RPC server sockets functionality in the Linux kernel 2.6.32 on Red Hat Enterprise Linux (RHEL) 6 might allow remote attackers to cause a denial of service (crash) via malformed data in a packet, related to lockd and the svc_xprt_received function.

Affected configurations

NVD

Node

linuxlinux_kernelMatch2.6.32

AND

redhatenterprise_linuxMatch6.0

CPENameOperatorVersion
linux:linux_kernellinux linux kerneleq2.6.32
redhat:enterprise_linuxredhat enterprise linuxeq6.0

CPE	Name	Operator	Version
linux:linux_kernel	linux linux kernel	eq	2.6.32
redhat:enterprise_linux	redhat enterprise linux	eq	6.0

References

openwall.com/lists/oss-security/2011/03/08/17

openwall.com/lists/oss-security/2011/03/09/1

bugzilla.redhat.com/show_bug.cgi?id=678144

rhn.redhat.com/errata/RHSA-2011-0329.html

5.7 Medium

CVSS2

Attack Vector

ADJACENT_NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:A/AC:M/Au:N/C:N/I:N/A:C

7 High

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

74.5%

JSON

Related for CVE-2011-0714

openvas4 cvelist1 ubuntucve1 veracode1 oraclelinux2 nessus2 redhat1 nvd1 prion1