CVE-2011-1493

CVSS v2.0 7.5 (High)

EPSS 2.20 % (90^th)

Affected Products 1

Advisories 13

Array index error in the rose_parse_national function in net/rose/rose_subr.c in the Linux kernel before 2.6.39 allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact by composing FAC_NATIONAL_DIGIS data that specifies a large number of digipeaters, and then sending this data to a ROSE socket.

Weaknesses

CWE-NVD-Other

CVE Status: PUBLISHED
CNA: Red Hat, Inc.
Published Date: 2012-06-21 23:55:02
(12 years ago)
Updated Date: 2023-02-13 01:19:14
(19 months ago)

Affected Products

Linux

Linux Kernel

Configuration #1

	CPE23	Up To
Linux Kernel 2.6.38.8 and prior versions	cpe:2.3:o:linux:linux_kernel	<= 2.6.38.8
Linux Kernel 2.6.38	cpe:2.3:o:linux:linux_kernel:2.6.38
Linux Kernel 2.6.38 Rc1	cpe:2.3:o:linux:linux_kernel:2.6.38:rc1
Linux Kernel 2.6.38 Rc2	cpe:2.3:o:linux:linux_kernel:2.6.38:rc2
Linux Kernel 2.6.38 Rc3	cpe:2.3:o:linux:linux_kernel:2.6.38:rc3
Linux Kernel 2.6.38 Rc4	cpe:2.3:o:linux:linux_kernel:2.6.38:rc4
Linux Kernel 2.6.38 Rc5	cpe:2.3:o:linux:linux_kernel:2.6.38:rc5
Linux Kernel 2.6.38 Rc6	cpe:2.3:o:linux:linux_kernel:2.6.38:rc6
Linux Kernel 2.6.38 Rc7	cpe:2.3:o:linux:linux_kernel:2.6.38:rc7
Linux Kernel 2.6.38 Rc8	cpe:2.3:o:linux:linux_kernel:2.6.38:rc8
Linux Kernel 2.6.38.1	cpe:2.3:o:linux:linux_kernel:2.6.38.1
Linux Kernel 2.6.38.2	cpe:2.3:o:linux:linux_kernel:2.6.38.2
Linux Kernel 2.6.38.3	cpe:2.3:o:linux:linux_kernel:2.6.38.3
Linux Kernel 2.6.38.4	cpe:2.3:o:linux:linux_kernel:2.6.38.4
Linux Kernel 2.6.38.5	cpe:2.3:o:linux:linux_kernel:2.6.38.5
Linux Kernel 2.6.38.6	cpe:2.3:o:linux:linux_kernel:2.6.38.6
Linux Kernel 2.6.38.7	cpe:2.3:o:linux:linux_kernel:2.6.38.7