CVE-2011-4913 — Improper Input Validation in Kernel

CWE-20 — Improper Input Validation CWE-228 — Improper Handling of Syntactically Invalid Structure CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer15 documents6 sources

Severity

7.8HIGHNVD

EPSS

1.0%

top 23.56%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Kernel Novell Suse Linux Enterprise Server

Timeline

PublishedJun 21

Latest updateMay 17

Description

The rose_parse_ccitt function in net/rose/rose_subr.c in the Linux kernel before 2.6.39 does not validate the FAC_CCITT_DEST_NSAP and FAC_CCITT_SRC_NSAP fields, which allows remote attackers to (1) cause a denial of service (integer underflow, heap memory corruption, and panic) via a small length value in data sent to a ROSE socket, or (2) conduct stack-based buffer overflow attacks via a large length value in data sent to a ROSE socket.

CVSS vector

AV:N/AC:L/C:N/I:N/A:CExploitability: 10.0 | Impact: 6.9

Affected Packages2 packages

▶NVDlinux/linux_kernel2.6.38.8+8

▶NVDnovell/suse_linux_enterprise_server10.0

Patches

Patch: github.com ↗Patch: github.com ↗

🔴Vulnerability Details

GHSA

GHSA-xw9x-352m-86jm: The rose_parse_ccitt function in net/rose/rose_subr↗2022-05-17

▶

CVEList

CVE-2011-4913: The rose_parse_ccitt function in net/rose/rose_subr↗2012-06-21

▶

📋Vendor Advisories

Ubuntu

Linux kernel (OMAP4) vulnerabilities↗2011-09-21

▶

Ubuntu

Linux kernel (OMAP4) vulnerabilities↗2011-09-13

▶

Ubuntu

Linux kernel (i.MX51) vulnerabilities↗2011-09-13

▶

Ubuntu

Linux kernel vulnerabilities↗2011-08-19

▶

Ubuntu

Linux kernel (Maverick backport) vulnerabilities↗2011-08-09

▶

💬Community

Bugzilla

CVE-2011-1493 CVE-2011-4913 CVE-2011-4914 kernel: multiple issues in rose protocol [fedora-all]↗2011-12-29

▶

Bugzilla

CVE-2011-1493 CVE-2011-4913 CVE-2011-4914 kernel: multiple issues in rose protocol↗2011-12-29

▶