Lucene search

K
cveRedhatCVE-2011-4914
HistoryJun 21, 2012 - 11:55 p.m.

CVE-2011-4914

2012-06-2123:55:02
CWE-20
redhat
web.nvd.nist.gov
51
2
cve-2011-4914
linux kernel
rose protocol
denial of service
out-of-bounds read
nvd

CVSS2

6.4

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:N/A:P

AI Score

5.8

Confidence

High

EPSS

0.019

Percentile

88.6%

The ROSE protocol implementation in the Linux kernel before 2.6.39 does not verify that certain data-length values are consistent with the amount of data sent, which might allow remote attackers to obtain sensitive information from kernel memory or cause a denial of service (out-of-bounds read) via crafted data to a ROSE socket.

Affected configurations

Nvd
Node
linuxlinux_kernelRange2.6.38.8
OR
linuxlinux_kernelMatch2.6.38
OR
linuxlinux_kernelMatch2.6.38rc1
OR
linuxlinux_kernelMatch2.6.38rc2
OR
linuxlinux_kernelMatch2.6.38rc3
OR
linuxlinux_kernelMatch2.6.38rc4
OR
linuxlinux_kernelMatch2.6.38rc5
OR
linuxlinux_kernelMatch2.6.38rc6
OR
linuxlinux_kernelMatch2.6.38rc7
OR
linuxlinux_kernelMatch2.6.38rc8
OR
linuxlinux_kernelMatch2.6.38.1
OR
linuxlinux_kernelMatch2.6.38.2
OR
linuxlinux_kernelMatch2.6.38.3
OR
linuxlinux_kernelMatch2.6.38.4
OR
linuxlinux_kernelMatch2.6.38.5
OR
linuxlinux_kernelMatch2.6.38.6
OR
linuxlinux_kernelMatch2.6.38.7
Node
novellsuse_linux_enterprise_serverMatch10.0sp4ltss
VendorProductVersionCPE
linuxlinux_kernel*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
linuxlinux_kernel2.6.38cpe:2.3:o:linux:linux_kernel:2.6.38:*:*:*:*:*:*:*
linuxlinux_kernel2.6.38cpe:2.3:o:linux:linux_kernel:2.6.38:rc1:*:*:*:*:*:*
linuxlinux_kernel2.6.38cpe:2.3:o:linux:linux_kernel:2.6.38:rc2:*:*:*:*:*:*
linuxlinux_kernel2.6.38cpe:2.3:o:linux:linux_kernel:2.6.38:rc3:*:*:*:*:*:*
linuxlinux_kernel2.6.38cpe:2.3:o:linux:linux_kernel:2.6.38:rc4:*:*:*:*:*:*
linuxlinux_kernel2.6.38cpe:2.3:o:linux:linux_kernel:2.6.38:rc5:*:*:*:*:*:*
linuxlinux_kernel2.6.38cpe:2.3:o:linux:linux_kernel:2.6.38:rc6:*:*:*:*:*:*
linuxlinux_kernel2.6.38cpe:2.3:o:linux:linux_kernel:2.6.38:rc7:*:*:*:*:*:*
linuxlinux_kernel2.6.38cpe:2.3:o:linux:linux_kernel:2.6.38:rc8:*:*:*:*:*:*
Rows per page:
1-10 of 181

Social References

More

CVSS2

6.4

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:N/A:P

AI Score

5.8

Confidence

High

EPSS

0.019

Percentile

88.6%