CVE-2011-1477Improper Restriction of Operations within the Bounds of a Memory Buffer in Kernel

CWE-119Improper Restriction of Operations within the Bounds of a Memory BufferCWE-26413 documents6 sources
Severity
7.2HIGHNVD
EPSS
0.1%
top 77.36%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Linux KernelSuse Linux Enterprise Desktop
Timeline
PublishedJun 21
Latest updateMay 17

Description

Multiple array index errors in sound/oss/opl3.c in the Linux kernel before 2.6.39 allow local users to cause a denial of service (heap memory corruption) or possibly gain privileges by leveraging write access to /dev/sequencer.

CVSS vector

AV:L/AC:L/C:C/I:C/A:CExploitability: 3.9 | Impact: 10.0

Affected Packages2 packages

NVDlinux/linux_kernel2.6.38.8

Patches

Patch: github.comPatch: github.com

🔴Vulnerability Details

2
GHSA
GHSA-9cxg-mgw2-24vg: Multiple array index errors in sound/oss/opl32022-05-17
CVEList
CVE-2011-1477: Multiple array index errors in sound/oss/opl32012-06-21

📋Vendor Advisories

9
Ubuntu
linux-ti-omap4 vulnerabilities2012-03-07
Ubuntu
Linux kernel vulnerabilities2012-03-06
Ubuntu
Linux kernel (OMAP4) vulnerabilities2011-09-21
Ubuntu
Linux kernel (Maverick backport) vulnerabilities2011-08-09
Ubuntu
Linux kernel vulnerabilities (Marvell Dove)2011-07-13

💬Community

1
Bugzilla
CVE kernel non-issue statements2010-05-13
CVE-2011-1477 — Linux Kernel vulnerability | cvebase