PT-2011-1064 · Suse+2 · Ext4Dev-Kmp-Trace+3

Clément Lecigne

Publicado

2011-08-31

Atualizado

2024-06-15

CVE-2011-2203

CVSS v2.0

7.8

Alta

Vetor

AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions Linux kernel version 2.6 ext4dev-kmp-trace (affected versions not specified)

Description The issue concerns a denial of service in the Linux kernel, specifically through the hfs find init function when mounting an HFS file system with a malformed MDB extent record, leading to a NULL pointer dereference and Oops. Additionally, there are multiple vulnerabilities in the ext4dev-kmp-trace package of SUSE Linux Enterprise that can be exploited remotely, potentially disrupting the availability of protected information.

Recommendations For Linux kernel version 2.6, consider disabling the hfs find init function as a temporary workaround until a patch is available. For ext4dev-kmp-trace, restrict access to the package to minimize the risk of exploitation until a fix is provided. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

DoS

NULL Pointer Dereference

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-264CWE-476

Identificadores relacionados

BDU:2015-04359

CVE-2011-2203

OPENSUSE-SU-2024:10128-1

RHSA-2011:1479

RHSA-2011_1479

USN-1318-1

USN-1319-1

USN-1322-1

USN-1323-1

USN-1324-1

USN-1325-1

USN-1328-1

USN-1330-1

USN-1332-1

USN-1336-1

USN-1337-1

USN-1340-1

USN-1341-1

USN-1344-1

USN-1345-1

Produtos afetados

Linux Kernel

Red Hat

Suse

Ext4Dev-Kmp-Trace

PT-2011-1064 · Suse+2 · Ext4Dev-Kmp-Trace+3

CVE-2011-2203

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 123