Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2011-4914
HistoryJun 21, 2012 - 11:55 p.m.

CVE-2011-4914

2012-06-2123:55:02
CWE-20
[email protected]
web.nvd.nist.gov
7

CVSS2

6.4

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:N/A:P

AI Score

6.1

Confidence

High

EPSS

0.019

Percentile

88.6%

JSON

The ROSE protocol implementation in the Linux kernel before 2.6.39 does not verify that certain data-length values are consistent with the amount of data sent, which might allow remote attackers to obtain sensitive information from kernel memory or cause a denial of service (out-of-bounds read) via crafted data to a ROSE socket.

Affected configurations

Nvd
Node
linuxlinux_kernelRange2.6.38.8
OR
linuxlinux_kernelMatch2.6.38
OR
linuxlinux_kernelMatch2.6.38rc1
OR
linuxlinux_kernelMatch2.6.38rc2
OR
linuxlinux_kernelMatch2.6.38rc3
OR
linuxlinux_kernelMatch2.6.38rc4
OR
linuxlinux_kernelMatch2.6.38rc5
OR
linuxlinux_kernelMatch2.6.38rc6
OR
linuxlinux_kernelMatch2.6.38rc7
OR
linuxlinux_kernelMatch2.6.38rc8
OR
linuxlinux_kernelMatch2.6.38.1
OR
linuxlinux_kernelMatch2.6.38.2
OR
linuxlinux_kernelMatch2.6.38.3
OR
linuxlinux_kernelMatch2.6.38.4
OR
linuxlinux_kernelMatch2.6.38.5
OR
linuxlinux_kernelMatch2.6.38.6
OR
linuxlinux_kernelMatch2.6.38.7
Node
novellsuse_linux_enterprise_serverMatch10.0sp4ltss
VendorProductVersionCPE
linuxlinux_kernel*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
linuxlinux_kernel2.6.38cpe:2.3:o:linux:linux_kernel:2.6.38:*:*:*:*:*:*:*
linuxlinux_kernel2.6.38cpe:2.3:o:linux:linux_kernel:2.6.38:rc1:*:*:*:*:*:*
linuxlinux_kernel2.6.38cpe:2.3:o:linux:linux_kernel:2.6.38:rc2:*:*:*:*:*:*
linuxlinux_kernel2.6.38cpe:2.3:o:linux:linux_kernel:2.6.38:rc3:*:*:*:*:*:*
linuxlinux_kernel2.6.38cpe:2.3:o:linux:linux_kernel:2.6.38:rc4:*:*:*:*:*:*
linuxlinux_kernel2.6.38cpe:2.3:o:linux:linux_kernel:2.6.38:rc5:*:*:*:*:*:*
linuxlinux_kernel2.6.38cpe:2.3:o:linux:linux_kernel:2.6.38:rc6:*:*:*:*:*:*
linuxlinux_kernel2.6.38cpe:2.3:o:linux:linux_kernel:2.6.38:rc7:*:*:*:*:*:*
linuxlinux_kernel2.6.38cpe:2.3:o:linux:linux_kernel:2.6.38:rc8:*:*:*:*:*:*
Rows per page:
1-10 of 181

Related

prion 1
cve 1
ubuntucve 1
cvelist 1
nessus 10
ubuntu 12
openvas 15
securityvulns 2
debian 1
osv 1
suse 1
prion
prion
Out-of-bounds
2012-06-21 23:55:00
cve
cve
CVE-2011-4914
2012-06-21 23:55:02
ubuntucve
ubuntucve
CVE-2011-4914
2012-01-04 00:00:00
cvelist
cvelist
CVE-2011-4914
2012-06-21 23:00:00
nessus
nessus
Ubuntu 10.10 : linux vulnerabilities (USN-1201-1)
2011-09-14 00:00:00
Ubuntu 11.04 : linux vulnerabilities (USN-1211-1)
2011-09-22 00:00:00
Debian DSA-2389-1 : linux-2.6 - privilege escalation/denial of service/information leak
2012-01-18 00:00:00
ubuntu
ubuntu
Linux kernel (Maverick backport) vulnerabilities
2011-09-13 00:00:00
Linux kernel vulnerabilities
2011-09-13 00:00:00
Linux kernel vulnerabilities
2011-09-21 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-1201-1)
2011-09-16 00:00:00
Ubuntu: Security Advisory (USN-1205-1)
2011-09-16 00:00:00
Ubuntu: Security Advisory (USN-1211-1)
2011-09-23 00:00:00
securityvulns
securityvulns
Linux kernel multiple security vulnerabilities
2012-01-21 00:00:00
[SECURITY] [DSA 2389-1] linux-2.6 security update
2012-01-21 00:00:00
debian
debian
[SECURITY] [DSA 2389-1] linux-2.6 security update
2012-01-16 04:04:27
osv
osv
linux-2.6 - several
2012-01-15 00:00:00
suse
suse
Security update for Linux Kernel (important)
2015-04-30 21:04:52

CVSS2

6.4

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:N/A:P

AI Score

6.1

Confidence

High

EPSS

0.019

Percentile

88.6%

JSON
Related for NVD:CVE-2011-4914
prion1cve1ubuntucve1cvelist1nessus10ubuntu12openvas15securityvulns2debian1osv1suse1