Suse · Kernel-Desktop-Devel · CVE-2011-2700
**Name of the Vulnerable Software and Affected Versions**
btrfs-kmp-xen versions (affected versions not specified)
btrfs-kmp-pae versions (affected versions not specified)
kernel-desktop-devel versions (affected versions not specified)
Linux kernel versions prior to 2.6.39.4
**Description**
The issue involves multiple vulnerabilities in the Linux kernel and SUSE Linux Enterprise packages, which can be exploited locally to compromise the confidentiality, integrity, and availability of protected information. In the Linux kernel, multiple buffer overflows in the `si4713 write econtrol string` function may allow local users to cause a denial of service or have unspecified other impact via a crafted `s ext ctrls` operation with a `(1) V4L2 CID RDS TX PS NAME` or `(2) V4L2 CID RDS TX RADIO TEXT` control ID.
**Recommendations**
For btrfs-kmp-xen, at the moment, there is no information about a newer version that contains a fix for this vulnerability.
For btrfs-kmp-pae, at the moment, there is no information about a newer version that contains a fix for this vulnerability.
For kernel-desktop-devel, at the moment, there is no information about a newer version that contains a fix for this vulnerability.
For Linux kernel versions prior to 2.6.39.4, update to version 2.6.39.4 or later to resolve the issue. As a temporary workaround, consider restricting access to the `si4713 write econtrol string` function in the `drivers/media/radio/si4713-i2c.c` file until a patch is available.