Vulnerability Details : CVE-2011-1748
The raw_release function in net/can/raw.c in the Linux kernel before 2.6.39-rc6 does not properly validate a socket data structure, which allows local users to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via a crafted release operation.
Vulnerability category: Memory CorruptionDenial of service
Products affected by CVE-2011-1748
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:2.6.39:rc5:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:2.6.39:rc2:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:2.6.39:rc4:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:2.6.39:rc3:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:2.6.39:rc1:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:2.6.39:-:*:*:*:*:*:*
Threat overview for CVE-2011-1748
Top countries where our scanners detected CVE-2011-1748
Top open port discovered on systems with this issue
49152
IPs affected by CVE-2011-1748 1,556
Threat actors abusing to this issue?
Yes
Find out if you* are
affected by CVE-2011-1748!
*Directly or indirectly through your vendors, service providers and 3rd parties.
Powered by
attack surface intelligence
from SecurityScorecard.
Exploit prediction scoring system (EPSS) score for CVE-2011-1748
0.04%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 6 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2011-1748
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
4.9
|
MEDIUM | AV:L/AC:L/Au:N/C:N/I:N/A:C |
3.9
|
6.9
|
NIST |
CWE ids for CVE-2011-1748
-
The product dereferences a pointer that it expects to be valid but is NULL.Assigned by: nvd@nist.gov (Primary)
References for CVE-2011-1748
-
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=10022a6c66e199d8f61d9044543f38785713cbbd
-
http://openwall.com/lists/oss-security/2011/04/21/7
oss-security - Re: CVE request: kernel: missing socket check in can/bcm releaseMailing List;Third Party Advisory
-
http://openwall.com/lists/oss-security/2011/04/20/7
oss-security - Re: CVE request: kernel: missing socket check in can/bcm releaseMailing List;Third Party Advisory
-
https://bugzilla.redhat.com/show_bug.cgi?id=698057
698057 – (CVE-2011-1598, CVE-2011-1748) CVE-2011-1598 CVE-2011-1748 kernel: missing check in can/bcm and can/raw socket releasesIssue Tracking;Patch;Third Party Advisory
-
http://www.securityfocus.com/bid/47835
Linux Kernel 'net/can/raw.c' Local Denial of Service VulnerabilityThird Party Advisory;VDB Entry
-
http://openwall.com/lists/oss-security/2011/04/21/1
oss-security - Re: CVE request: kernel: missing socket check in can/bcm releaseMailing List;Third Party Advisory
-
http://permalink.gmane.org/gmane.linux.network/192974
Broken Link
-
http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.39-rc6
404: File not foundBroken Link
-
http://openwall.com/lists/oss-security/2011/04/25/4
oss-security - Re: CVE request: kernel: missing socket check in can/bcm releaseMailing List;Third Party Advisory
-
http://openwall.com/lists/oss-security/2011/04/22/2
oss-security - Re: CVE request: kernel: missing socket check in can/bcm releaseMailing List;Third Party Advisory
-
http://openwall.com/lists/oss-security/2011/04/21/2
oss-security - Re: CVE request: kernel: missing socket check in can/bcm releaseMailing List;Third Party Advisory
Jump to