6.9
CVSSv2

CVE-2011-4077

Published: 27/01/2012 Updated: 27/07/2023
CVSS v2 Base Score: 6.9 | Impact Score: 10 | Exploitability Score: 3.4
VMScore: 614
Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Summary

Buffer overflow in the xfs_readlink function in fs/xfs/xfs_vnodeops.c in XFS in the Linux kernel 2.6, when CONFIG_XFS_DEBUG is disabled, allows local users to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code via an XFS image containing a symbolic link with a long pathname.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

linux linux kernel

Vendor Advisories

Synopsis Moderate: kernel security and bug fix update Type/Severity Security Advisory: Moderate Topic Updated kernel packages that fix various security issues and several bugsare now available for Red Hat Enterprise Linux 6The Red Hat Security Response Team has rated this update as having moderatesecurity ...
Synopsis Important: kernel security, bug fix, and enhancement update Type/Severity Security Advisory: Important Topic Updated kernel packages that fix multiple security issues, several bugs,and add one enhancement are now available for Red Hat Enterprise Linux 5The Red Hat Security Response Team has rated ...
Synopsis Important: kernel-rt security and bug fix update Type/Severity Security Advisory: Important Topic Updated kernel-rt packages that fix multiple security issues and variousbugs are now available for Red Hat Enterprise MRG 21The Red Hat Security Response Team has rated this update as havingimportant ...
A buffer overflow flaw was found in the way the Linux kernel's XFS file system implementation handled links with overly long path names A local, unprivileged user could use this flaw to cause a denial of service or escalate their privileges by mounting a specially-crafted disk (CVE-2011-4077, Moderate) Flaws in ghash_update() and ghash_final() co ...
The epoll implementation in the Linux kernel 26372 and earlier does not properly traverse a tree of epoll file descriptors, which allows local users to cause a denial of service (CPU consumption) via a crafted application that makes epoll_create and epoll_ctl system calls Buffer overflow in the xfs_readlink function in fs/xfs/xfs_vnodeopsc in ...
Several security issues were fixed in the kernel ...
Several security issues were fixed in the kernel ...
Several security issues were fixed in the kernel ...
Several security issues were fixed in the kernel ...
Several security issues were fixed in the kernel ...
Several security issues were fixed in the kernel ...
Several security issues were fixed in the kernel ...
Several security issues were fixed in the kernel ...
Several security issues were fixed in the kernel ...
Several security issues were fixed in the kernel ...
Several security issues were fixed in the kernel ...
Several security issues were fixed in the kernel ...
Several security issues were fixed in the kernel ...
The system could be made to run programs as an administrator ...