Lucene search

[email protected]CVE-2011-1748

HistoryMay 09, 2011 - 10:55 p.m.

CVE-2011-1748

2011-05-0922:55:00

CWE-476

[email protected]

web.nvd.nist.gov

linux kernel

net/can/raw.c

null pointer dereference

denial of service

nvd

cve-2011-1748

8.1 High

AI Score

Confidence

High

4.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

0.0004 Low

EPSS

Percentile

5.3%

JSON

The raw_release function in net/can/raw.c in the Linux kernel before 2.6.39-rc6 does not properly validate a socket data structure, which allows local users to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via a crafted release operation.

CPENameOperatorVersion
linux:linux_kernellinux linux kerneleq2.6.39

CPE	Name	Operator	Version
linux:linux_kernel	linux linux kernel	eq	2.6.39

References

git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=10022a6c66e199d8f61d9044543f38785713cbbd

openwall.com/lists/oss-security/2011/04/20/7

openwall.com/lists/oss-security/2011/04/21/1

openwall.com/lists/oss-security/2011/04/21/2

openwall.com/lists/oss-security/2011/04/21/7

openwall.com/lists/oss-security/2011/04/22/2

openwall.com/lists/oss-security/2011/04/25/4

permalink.gmane.org/gmane.linux.network/192974

www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.39-rc6

www.securityfocus.com/bid/47835

bugzilla.redhat.com/show_bug.cgi?id=698057

Social References

8.1 High

AI Score

Confidence

High

4.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

0.0004 Low

EPSS

Percentile

5.3%

JSON

Related for CVE-2011-1748

seebug1 prion1 veracode1 ubuntucve1 nessus18 openvas29 oraclelinux2 redhat2 ubuntu10 fedora1 suse2 osv2 securityvulns2 debian2 packetstorm1