CVE-2011-4913

Published Jun 21, 2012

Last updated 2 years ago

Overview

Description: The rose_parse_ccitt function in net/rose/rose_subr.c in the Linux kernel before 2.6.39 does not validate the FAC_CCITT_DEST_NSAP and FAC_CCITT_SRC_NSAP fields, which allows remote attackers to (1) cause a denial of service (integer underflow, heap memory corruption, and panic) via a small length value in data sent to a ROSE socket, or (2) conduct stack-based buffer overflow attacks via a large length value in data sent to a ROSE socket.
Source: secalert@redhat.com
NVD status: Modified

Hype score: Not currently trending

Risk scores

CVSS 2.0

Type: Primary
Base score: 7.8
Impact score: 6.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:N/I:N/A:C

Weaknesses

nvd@nist.gov: CWE-20

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:novell:suse_linux_enterprise_server:10.0:sp4:*:*:ltss:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1D421F7F-A203-4868-846D-3A057610D399"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "57A0A2B0-3B9F-40C2-8C7A-CD9590B51315",
            "versionEndIncluding": "2.6.38.8"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.38:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7462DB6D-E0A6-4DBB-8E21-66B875184FFC"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.38:rc1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2DDCB342-4F5F-4BF1-9624-882BBC57330D"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.38:rc2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C3AB4113-BF83-4587-8A85-0E4FECEE7D9B"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.38:rc3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4B57F5AD-A697-4090-89B9-81BC12993A1A"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.38:rc4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CA141BCB-A705-4DF5-9EED-746B62C86111"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.38:rc5:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E9ECE134-58A3-4B9D-B9B3-F836C0EDD64C"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.38:rc6:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "56186720-6B4C-4D71-85C5-7EAC5C5D84A1"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.38:rc7:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9BBB4630-CBED-43B9-B203-BE65BBF011AA"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.38:rc8:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FD375A78-63D7-441A-9FB0-7BC878AB4EDD"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.38.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A5BEFFDD-02BB-4A05-8372-891DBDB9AC5A"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.38.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "766E193D-819C-42EA-8411-AE0013AC15FA"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.38.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3B39B6AF-6A83-48C2-BED2-79228F8513A6"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.38.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CD8A68D1-DFE9-4ADB-9FB8-4D69AB4CAFF8"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.38.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0D6EF951-AF15-4C30-A3A5-3392AA61813C"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.38.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "15154FA0-65DC-4855-AC70-3ACF92313F49"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.38.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F4B3A9F4-A61F-4919-A173-3E459F0C5AF8"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Social media

Risk scores

CVSS 2.0

Weaknesses

Configurations

References