Published: 27/01/2012 Updated: 13/02/2023

CVSS v2 Base Score: 2.1 | Impact Score: 2.9 | Exploitability Score: 3.9

VMScore: 188

Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P

The user_update function in security/keys/user_defined.c in the Linux kernel 2.6 allows local users to cause a denial of service (NULL pointer dereference and kernel oops) via vectors related to a user-defined key and "updating a negative key into a fully instantiated key."

Vulnerable Product	Search on Vulmon	Subscribe to Product
linux linux kernel 2.6

Synopsis Important: kernel-rt security and bug fix update Type/Severity Security Advisory: Important Topic Updated kernel-rt packages that fix several security issues and two bugsare now available for Red Hat Enterprise MRG 20The Red Hat Security Response Team has rated this update as havingimportant secu ...

Synopsis Important: kernel security, bug fix, and enhancement update Type/Severity Security Advisory: Important Topic Updated kernel packages that fix multiple security issues, several bugs,and add one enhancement are now available for Red Hat Enterprise Linux 5The Red Hat Security Response Team has rated ...

Synopsis Moderate: Red Hat Enterprise Linux 6 kernel security, bug fix and enhancement update Type/Severity Security Advisory: Moderate Topic Updated kernel packages that fix multiple security issues, address severalhundred bugs and add numerous enhancements are now available as part of theongoing support a ...

Synopsis Important: kernel-rt security and bug fix update Type/Severity Security Advisory: Important Topic Updated kernel-rt packages that fix multiple security issues and variousbugs are now available for Red Hat Enterprise MRG 21The Red Hat Security Response Team has rated this update as havingimportant ...

Synopsis Moderate: kernel security and bug fix update Type/Severity Security Advisory: Moderate Topic Updated kernel packages that fix various security issues and several bugsare now available for Red Hat Enterprise Linux 61 Extended Update SupportThe Red Hat Security Response Team has rated this update a ...

IPv6 fragment identification value generation could allow a remote attacker to disrupt a target system's networking, preventing legitimate users from accessing its services (CVE-2011-2699, Important) A signedness issue was found in the Linux kernel's CIFS (Common Internet File System) implementation A malicious CIFS server could send a specially- ...

Several security issues were fixed in the kernel ...

Two security issues were fixed in the kernel ...

Several security issues were fixed in the kernel ...

The system could be made to run programs as an administrator ...

CWE-264 http://www.securityfocus.com/bid/50755 http://www.openwall.com/lists/oss-security/2011/11/21/19 https://lkml.org/lkml/2011/11/15/363 http://www.openwall.com/lists/oss-security/2011/11/22/6 https://bugzilla.redhat.com/show_bug.cgi?id=751297 http://www.openwall.com/lists/oss-security/2011/11/22/5 http://www.ubuntu.com/usn/USN-1328-1 http://www.ubuntu.com/usn/USN-1324-1 http://www.ubuntu.com/usn/USN-1344-1 http://secunia.com/advisories/47754 http://marc.info/?l=bugtraq&m=139447903326211&w=2 https://nvd.nist.gov https://access.redhat.com/errata/RHSA-2012:0010 https://usn.ubuntu.com/1323-1/https://alas.aws.amazon.com/ALAS-2011-26.html

Get Started

CVE-2011-4110

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect