Published: 17/05/2012 Updated: 13/02/2023

CVSS v2 Base Score: 4.9 | Impact Score: 6.9 | Exploitability Score: 3.9

CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8

VMScore: 437

Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C

The __sys_sendmsg function in net/socket.c in the Linux kernel prior to 3.1 allows local users to cause a denial of service (system crash) via crafted use of the sendmmsg system call, leading to an incorrect pointer dereference.

Vulnerable Product	Search on Vulmon	Subscribe to Product
linux linux kernel

Synopsis Moderate: kernel security and bug fix update Type/Severity Security Advisory: Moderate Topic Updated kernel packages that fix various security issues and several bugsare now available for Red Hat Enterprise Linux 6The Red Hat Security Response Team has rated this update as having moderatesecurity ...

The system could be made to expose sensitive information locally ...

A security issue was fixed in the kernel ...

A buffer overflow flaw was found in the way the Linux kernel's XFS file system implementation handled links with overly long path names A local, unprivileged user could use this flaw to cause a denial of service or escalate their privileges by mounting a specially-crafted disk (CVE-2011-4077, Moderate) Flaws in ghash_update() and ghash_final() co ...

CWE-476 https://bugzilla.redhat.com/show_bug.cgi?id=761646 https://github.com/torvalds/linux/commit/bc909d9ddbf7778371e36a651d6e4194b1cc7d4c http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.1 http://www.openwall.com/lists/oss-security/2011/12/08/4 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=bc909d9ddbf7778371e36a651d6e4194b1cc7d4c https://access.redhat.com/errata/RHSA-2012:0350 https://nvd.nist.gov https://usn.ubuntu.com/1275-1/

CVE-2011-4594

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect