Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2011-4914

Опубликовано: 21 июн. 2012
Источник: ubuntu
Приоритет: low
CVSS2: 6.4

Описание

The ROSE protocol implementation in the Linux kernel before 2.6.39 does not verify that certain data-length values are consistent with the amount of data sent, which might allow remote attackers to obtain sensitive information from kernel memory or cause a denial of service (out-of-bounds read) via crafted data to a ROSE socket.

РелизСтатусПримечание
devel

not-affected

3.1.0-1.0
hardy

released

2.6.24-29.93
lucid

released

2.6.32-34.73
maverick

released

2.6.35-30.57
natty

released

2.6.38-11.49
oneiric

not-affected

2.6.39-0.1
precise

not-affected

3.1.0-1.1
quantal

not-affected

3.1.0-1.0
upstream

released

2.6.39~rc1

Показывать по

РелизСтатусПримечание
devel

not-affected

3.2.0-1602.5
hardy

DNE

lucid

DNE

natty

DNE

oneiric

DNE

precise

not-affected

3.2.0-1600.1
quantal

not-affected

3.2.0-1602.5
upstream

released

2.6.39~rc1

Показывать по

РелизСтатусПримечание
devel

DNE

hardy

DNE

lucid

released

2.6.32-318.37
maverick

ignored

end of life
natty

DNE

oneiric

DNE

precise

DNE

quantal

DNE

upstream

released

2.6.39~rc1

Показывать по

РелизСтатусПримечание
devel

DNE

hardy

DNE

lucid

released

2.6.31-610.27
maverick

DNE

natty

DNE

oneiric

DNE

precise

DNE

quantal

DNE

upstream

released

2.6.39~rc1

Показывать по

РелизСтатусПримечание
devel

DNE

hardy

DNE

lucid

released

2.6.35-30.57~lucid1
maverick

DNE

natty

DNE

oneiric

DNE

precise

DNE

quantal

DNE

upstream

released

2.6.39~rc1

Показывать по

РелизСтатусПримечание
devel

DNE

hardy

DNE

lucid

released

2.6.38-11.49~lucid1
maverick

DNE

natty

DNE

oneiric

DNE

precise

DNE

quantal

DNE

upstream

released

2.6.39~rc1

Показывать по

РелизСтатусПримечание
devel

DNE

hardy

DNE

lucid

not-affected

3.0.0-5.6~lucid1
maverick

DNE

natty

DNE

oneiric

DNE

precise

DNE

quantal

DNE

upstream

released

2.6.39~rc1

Показывать по

РелизСтатусПримечание
devel

DNE

hardy

DNE

lucid

released

2.6.32-218.35
maverick

released

2.6.32-418.35
natty

DNE

oneiric

DNE

precise

DNE

quantal

DNE

upstream

released

2.6.39~rc1

Показывать по

РелизСтатусПримечание
devel

not-affected

3.0.0-1401.2
hardy

DNE

lucid

DNE

maverick

released

2.6.35-903.23
natty

released

2.6.38-1209.15
oneiric

not-affected

3.0.0-1200.1
precise

not-affected

3.0.0-1401.2
quantal

not-affected

3.0.0-1401.2
upstream

released

2.6.39~rc1

Показывать по

Ссылки на источники

6.4 Medium

CVSS2

Связанные уязвимости

redhat логотип

CVE-2011-4914

redhat
почти 15 лет назад

The ROSE protocol implementation in the Linux kernel before 2.6.39 does not verify that certain data-length values are consistent with the amount of data sent, which might allow remote attackers to obtain sensitive information from kernel memory or cause a denial of service (out-of-bounds read) via crafted data to a ROSE socket.

nvd логотип

CVE-2011-4914

nvd
больше 13 лет назад

The ROSE protocol implementation in the Linux kernel before 2.6.39 does not verify that certain data-length values are consistent with the amount of data sent, which might allow remote attackers to obtain sensitive information from kernel memory or cause a denial of service (out-of-bounds read) via crafted data to a ROSE socket.

debian логотип

CVE-2011-4914

debian
больше 13 лет назад

The ROSE protocol implementation in the Linux kernel before 2.6.39 doe ...

github логотип

GHSA-f8f2-gm5q-mw3w

github
больше 3 лет назад

The ROSE protocol implementation in the Linux kernel before 2.6.39 does not verify that certain data-length values are consistent with the amount of data sent, which might allow remote attackers to obtain sensitive information from kernel memory or cause a denial of service (out-of-bounds read) via crafted data to a ROSE socket.

6.4 Medium

CVSS2

Уязвимость CVE-2011-4914