Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2011-3191

Опубликовано: 23 авг. 2011
Источник: redhat
CVSS2: 6.8
EPSS Низкий

Описание

Integer signedness error in the CIFSFindNext function in fs/cifs/cifssmb.c in the Linux kernel before 3.1 allows remote CIFS servers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a large length value in a response to a read request for a directory.

Отчет

This issue affects the Linux kernel as shipped with Red Hat Enterprise Linux 4, 5, 6, and Red Hat Enterprise MRG. It has been addressed in Red Hat Enterprise Linux 5, 6 and Red Hat Enterprise MRG via https://rhn.redhat.com/errata/RHSA-2011-1386.html, https://rhn.redhat.com/errata/RHSA-2011-1465.html, and https://rhn.redhat.com/errata/RHSA-2012-0010.html. Red Hat Enterprise Linux 4 is now in Production 3 of the maintenance life-cycle, https://access.redhat.com/support/policy/updates/errata/, therefore the fix for this issue is not currently planned to be included in the future updates.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 4kernelWill not fix
Red Hat Enterprise Linux 5kernelFixedRHSA-2011:138620.10.2011
Red Hat Enterprise Linux 6kernelFixedRHSA-2011:146522.11.2011
Red Hat Enterprise MRG 2kernel-rtFixedRHSA-2012:001010.01.2012

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Important
https://bugzilla.redhat.com/show_bug.cgi?id=732869kernel: cifs: signedness issue in CIFSFindNext()

EPSS

Процентиль: 52%
0.0029
Низкий

6.8 Medium

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2011-3191

CVSS3: 8.8
ubuntu
около 13 лет назад

Integer signedness error in the CIFSFindNext function in fs/cifs/cifssmb.c in the Linux kernel before 3.1 allows remote CIFS servers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a large length value in a response to a read request for a directory.

nvd логотип

CVE-2011-3191

CVSS3: 8.8
nvd
около 13 лет назад

Integer signedness error in the CIFSFindNext function in fs/cifs/cifssmb.c in the Linux kernel before 3.1 allows remote CIFS servers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a large length value in a response to a read request for a directory.

debian логотип

CVE-2011-3191

CVSS3: 8.8
debian
около 13 лет назад

Integer signedness error in the CIFSFindNext function in fs/cifs/cifss ...

github логотип

GHSA-xhj3-gjcc-48pc

CVSS3: 8.8
github
около 3 лет назад

Integer signedness error in the CIFSFindNext function in fs/cifs/cifssmb.c in the Linux kernel before 3.1 allows remote CIFS servers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a large length value in a response to a read request for a directory.

oracle-oval логотип

ELSA-2011-2033

oracle-oval
больше 13 лет назад

ELSA-2011-2033: Unbreakable Enterprise kernel security update (IMPORTANT)

EPSS

Процентиль: 52%
0.0029
Низкий

6.8 Medium

CVSS2