[email protected]CVE-2011-0521

HistoryFeb 02, 2011 - 11:00 p.m.

CVE-2011-0521

2011-02-0223:00:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2011-0521

linux kernel

denial of service

memory corruption

nvd

security vulnerability

6.3 Medium

AI Score

Confidence

High

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.3%

JSON

The dvb_ca_ioctl function in drivers/media/dvb/ttpci/av7110_ca.c in the Linux kernel before 2.6.38-rc2 does not check the sign of a certain integer field, which allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact via a negative value.

CPENameOperatorVersion
linux:linux_kernellinux linux kerneleq2.6.38

CPE	Name	Operator	Version
linux:linux_kernel	linux linux kernel	eq	2.6.38

References

git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=cb26a24ee9706473f31d34cc259f4dcf45cd0644

openwall.com/lists/oss-security/2011/01/24/2

openwall.com/lists/oss-security/2011/01/25/2

secunia.com/advisories/43009

secunia.com/advisories/46397

www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.38-rc2

www.securityfocus.com/archive/1/520102/100/0/threaded

www.securityfocus.com/bid/45986

www.securitytracker.com/id?1025195

www.vmware.com/security/advisories/VMSA-2011-0012.html

exchange.xforce.ibmcloud.com/vulnerabilities/64988

Social References

6.3 Medium

AI Score

Confidence

High

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.3%

JSON

Related for CVE-2011-0521

ubuntucve1 veracode1 prion1 nessus34 openvas43 redhat5 ubuntu8 securityvulns5 oraclelinux5 centos1 fedora3 suse5 debian1 osv1 vmware2 packetstorm1