CVE-2011-1477

Multiple array index errors in sound/oss/opl3.c in the Linux kernel before 2.6.39 allow local users to cause a denial of service (heap memory corruption) or possibly gain privileges by leveraging write access to /dev/sequencer.
Configurations

Configuration 1 (hide)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:o:suse:linux_enterprise_desktop:10:sp4:*:*:lts:*:*:*

History

21 Nov 2024, 01:26

Type Values Removed Values Added
References () http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39 - Broken Link () http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39 - Broken Link
References () http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4d00135a680727f6c3be78f8befaac009030e4df - () http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4d00135a680727f6c3be78f8befaac009030e4df -
References () http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html - Mailing List, Third Party Advisory () http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html - Mailing List, Third Party Advisory
References () http://www.openwall.com/lists/oss-security/2011/03/25/1 - Third Party Advisory, VDB Entry () http://www.openwall.com/lists/oss-security/2011/03/25/1 - Third Party Advisory, VDB Entry
References () https://github.com/torvalds/linux/commit/4d00135a680727f6c3be78f8befaac009030e4df - Patch, Third Party Advisory () https://github.com/torvalds/linux/commit/4d00135a680727f6c3be78f8befaac009030e4df - Patch, Third Party Advisory

Information

Published : 2012-06-21 23:55

Updated : 2024-11-21 01:26


NVD link : CVE-2011-1477

Mitre link : CVE-2011-1477

CVE.ORG link : CVE-2011-1477


JSON object : View

Products Affected

suse

  • linux_enterprise_desktop

linux

  • linux_kernel
CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CWE-264

Permissions, Privileges, and Access Controls