PT-2011-2577 · Linux+1 · Linux Kernel+1
Published
2011-02-18
·
Updated
2024-06-15
·
CVE-2011-0712
CVSS v2.0
7.2
High
| Vector | AV:L/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Linux kernel versions prior to 2.6.38-rc4-next-20110215
Description
The issue is related to multiple buffer overflows in the caiaq Native Instruments USB audio functionality. This could potentially allow attackers to cause a denial of service or have other unspecified impacts via a long USB device name. The problem is associated with the
snd usb caiaq audio init function in sound/usb/caiaq/audio.c and the snd usb caiaq midi init function in sound/usb/caiaq/midi.c.Recommendations
For Linux kernel versions prior to 2.6.38-rc4-next-20110215, update to version 2.6.38-rc4-next-20110215 or later to resolve the issue. As a temporary workaround, consider restricting the use of long USB device names to minimize the risk of exploitation.
Fix
DoS
Buffer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Linux Kernel
Red Hat