Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2011-2213

Опубликовано: 29 авг. 2011
Источник: nvd
CVSS2: 4.9
EPSS Низкий

Описание

The inet_diag_bc_audit function in net/ipv4/inet_diag.c in the Linux kernel before 2.6.39.3 does not properly audit INET_DIAG bytecode, which allows local users to cause a denial of service (kernel infinite loop) via crafted INET_DIAG_REQ_BYTECODE instructions in a netlink message, as demonstrated by an INET_DIAG_BC_JMP instruction with a zero yes value, a different vulnerability than CVE-2010-3880.

Ссылки

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Версия до 2.6.39.3 (исключая)
Конфигурация 2

Одно из

cpe:2.3:o:redhat:enterprise_linux_aus:5.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:5.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*

EPSS

Процентиль: 20%
0.00063
Низкий

4.9 Medium

CVSS2

Дефекты

CWE-835

Связанные уязвимости

ubuntu логотип

CVE-2011-2213

ubuntu
почти 14 лет назад

The inet_diag_bc_audit function in net/ipv4/inet_diag.c in the Linux kernel before 2.6.39.3 does not properly audit INET_DIAG bytecode, which allows local users to cause a denial of service (kernel infinite loop) via crafted INET_DIAG_REQ_BYTECODE instructions in a netlink message, as demonstrated by an INET_DIAG_BC_JMP instruction with a zero yes value, a different vulnerability than CVE-2010-3880.

redhat логотип

CVE-2011-2213

redhat
около 14 лет назад

The inet_diag_bc_audit function in net/ipv4/inet_diag.c in the Linux kernel before 2.6.39.3 does not properly audit INET_DIAG bytecode, which allows local users to cause a denial of service (kernel infinite loop) via crafted INET_DIAG_REQ_BYTECODE instructions in a netlink message, as demonstrated by an INET_DIAG_BC_JMP instruction with a zero yes value, a different vulnerability than CVE-2010-3880.

debian логотип

CVE-2011-2213

debian
почти 14 лет назад

The inet_diag_bc_audit function in net/ipv4/inet_diag.c in the Linux k ...

github логотип

GHSA-wv38-chxj-v2gp

github
около 3 лет назад

The inet_diag_bc_audit function in net/ipv4/inet_diag.c in the Linux kernel before 2.6.39.3 does not properly audit INET_DIAG bytecode, which allows local users to cause a denial of service (kernel infinite loop) via crafted INET_DIAG_REQ_BYTECODE instructions in a netlink message, as demonstrated by an INET_DIAG_BC_JMP instruction with a zero yes value, a different vulnerability than CVE-2010-3880.

oracle-oval логотип

ELSA-2011-2024

oracle-oval
почти 14 лет назад

ELSA-2011-2024: Oracle Linux 6 Unbreakable Enterprise kernel security and bug fix update (MODERATE)

EPSS

Процентиль: 20%
0.00063
Низкий

4.9 Medium

CVSS2

Дефекты

CWE-835