Lucene search

K
ubuntucveUbuntu.comUB:CVE-2011-2213
HistoryAug 29, 2011 - 12:00 a.m.

CVE-2011-2213

2011-08-2900:00:00
ubuntu.com
ubuntu.com
16

4.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

0.0004 Low

EPSS

Percentile

8.7%

The inet_diag_bc_audit function in net/ipv4/inet_diag.c in the Linux kernel
before 2.6.39.3 does not properly audit INET_DIAG bytecode, which allows
local users to cause a denial of service (kernel infinite loop) via crafted
INET_DIAG_REQ_BYTECODE instructions in a netlink message, as demonstrated
by an INET_DIAG_BC_JMP instruction with a zero yes value, a different
vulnerability than CVE-2010-3880.

Bugs

4.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

0.0004 Low

EPSS

Percentile

8.7%

Related for UB:CVE-2011-2213