Published: 24/05/2012 Updated: 13/02/2023

CVSS v2 Base Score: 4.9 | Impact Score: 6.9 | Exploitability Score: 3.9

CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8

VMScore: 437

Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C

crypto/ghash-generic.c in the Linux kernel prior to 3.1 allows local users to cause a denial of service (NULL pointer dereference and OOPS) or possibly have unspecified other impact by triggering a failed or missing ghash_setkey function call, followed by a (1) ghash_update function call or (2) ghash_final function call, as demonstrated by a write operation on an AF_ALG socket.

Vulnerable Product	Search on Vulmon	Subscribe to Product
linux linux kernel

Synopsis Moderate: kernel security and bug fix update Type/Severity Security Advisory: Moderate Topic Updated kernel packages that fix various security issues and several bugsare now available for Red Hat Enterprise Linux 6The Red Hat Security Response Team has rated this update as having moderatesecurity ...

Synopsis Important: kernel-rt security and bug fix update Type/Severity Security Advisory: Important Topic Updated kernel-rt packages that fix several security issues and two bugsare now available for Red Hat Enterprise MRG 20The Red Hat Security Response Team has rated this update as havingimportant secu ...

Several security issues were fixed in the kernel ...

The system could be made to crash under certain conditions ...

Several security issues were fixed in the kernel ...

A buffer overflow flaw was found in the way the Linux kernel's XFS file system implementation handled links with overly long path names A local, unprivileged user could use this flaw to cause a denial of service or escalate their privileges by mounting a specially-crafted disk (CVE-2011-4077, Moderate) Flaws in ghash_update() and ghash_final() co ...

The epoll implementation in the Linux kernel 26372 and earlier does not properly traverse a tree of epoll file descriptors, which allows local users to cause a denial of service (CPU consumption) via a crafted application that makes epoll_create and epoll_ctl system calls Buffer overflow in the xfs_readlink function in fs/xfs/xfs_vnodeopsc in ...

CWE-476 https://github.com/torvalds/linux/commit/7ed47b7d142ec99ad6880bbbec51e9f12b3af74c http://www.openwall.com/lists/oss-security/2011/10/27/2 https://bugzilla.redhat.com/show_bug.cgi?id=749475 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.1 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=7ed47b7d142ec99ad6880bbbec51e9f12b3af74c https://access.redhat.com/errata/RHSA-2012:0350 https://nvd.nist.gov https://usn.ubuntu.com/1312-1/

CVE-2011-4081

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect