CVE-2011-4914

Published: Jun 21, 2012Modified: Apr 29, 2026

6.4

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:P

Exploitability: 10.0 / Impact: 4.9

Source: NVD

Description

The ROSE protocol implementation in the Linux kernel before 2.6.39 does not verify that certain data-length values are consistent with the amount of data sent, which might allow remote attackers to obtain sensitive information from kernel memory or cause a denial of service (out-of-bounds read) via crafted data to a ROSE socket.

Affected (18)

Products: Linux: Linux Kernel · Novell: Suse Linux Enterprise Server

1 product

1 product

Suse Linux Enterprise Server

Configuration A

17 vulnerable

Vulnerable Software	Affected Versions
Linux Linux Kernel	Up to 2.6.38.8
Linux Linux Kernel	Version 2.6.38.1
Linux Linux Kernel	Version 2.6.38.2
Linux Linux Kernel	Version 2.6.38.3
Linux Linux Kernel	Version 2.6.38.4
Linux Linux Kernel	Version 2.6.38.5
Linux Linux Kernel	Version 2.6.38.6
Linux Linux Kernel	Version 2.6.38.7
Linux Linux Kernel	Version 2.6.38
Linux Linux Kernel	Version 2.6.38 rc1
Linux Linux Kernel	Version 2.6.38 rc2
Linux Linux Kernel	Version 2.6.38 rc3
Linux Linux Kernel	Version 2.6.38 rc4
Linux Linux Kernel	Version 2.6.38 rc5
Linux Linux Kernel	Version 2.6.38 rc6
Linux Linux Kernel	Version 2.6.38 rc7
Linux Linux Kernel	Version 2.6.38 rc8

Configuration B

1 vulnerable

Vulnerable Software	Affected Versions
Novell Suse Linux Enterprise Server	Version 10.0 sp4

Related CWEs

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (12)

http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39

Source: secalert@redhat.com

Broken Link

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=e0bccd315db0c2f919e7fcf9cb60db21d9986f52

Source: secalert@redhat.com

http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html

Source: secalert@redhat.com

Third Party Advisory

http://www.openwall.com/lists/oss-security/2011/12/28/2

Source: secalert@redhat.com

https://bugzilla.redhat.com/show_bug.cgi?id=770777

Source: secalert@redhat.com

Issue TrackingVDB Entry

https://github.com/torvalds/linux/commit/e0bccd315db0c2f919e7fcf9cb60db21d9986f52

Source: secalert@redhat.com

ExploitPatch

http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39

Source: af854a3a-2127-422b-91ae-364da2661108

Broken Link

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=e0bccd315db0c2f919e7fcf9cb60db21d9986f52

Source: af854a3a-2127-422b-91ae-364da2661108

http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

http://www.openwall.com/lists/oss-security/2011/12/28/2

Source: af854a3a-2127-422b-91ae-364da2661108

https://bugzilla.redhat.com/show_bug.cgi?id=770777

Source: af854a3a-2127-422b-91ae-364da2661108

Issue TrackingVDB Entry

https://github.com/torvalds/linux/commit/e0bccd315db0c2f919e7fcf9cb60db21d9986f52

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitPatch

Timeline

No history available yet.