Vulnerability Details : CVE-2011-4913
Potential exploit
The rose_parse_ccitt function in net/rose/rose_subr.c in the Linux kernel before 2.6.39 does not validate the FAC_CCITT_DEST_NSAP and FAC_CCITT_SRC_NSAP fields, which allows remote attackers to (1) cause a denial of service (integer underflow, heap memory corruption, and panic) via a small length value in data sent to a ROSE socket, or (2) conduct stack-based buffer overflow attacks via a large length value in data sent to a ROSE socket.
Vulnerability category: OverflowMemory CorruptionDenial of service
Products affected by CVE-2011-4913
- cpe:2.3:o:novell:suse_linux_enterprise_server:10.0:sp4:*:*:ltss:*:*:*
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:2.6.38:rc1:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:2.6.38:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:2.6.38:rc3:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:2.6.38:rc5:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:2.6.38:rc7:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:2.6.38.1:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:2.6.38.2:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:2.6.38:rc8:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:2.6.38.3:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:2.6.38.4:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:2.6.38.5:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:2.6.38.6:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:2.6.38:rc2:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:2.6.38:rc4:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:2.6.38:rc6:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:2.6.38.7:*:*:*:*:*:*:*
Threat overview for CVE-2011-4913
Top countries where our scanners detected CVE-2011-4913
Top open port discovered on systems with this issue
49152
IPs affected by CVE-2011-4913 3,760
Threat actors abusing to this issue?
Yes
Find out if you* are
affected by CVE-2011-4913!
*Directly or indirectly through your vendors, service providers and 3rd parties.
Powered by
attack surface intelligence
from SecurityScorecard.
Exploit prediction scoring system (EPSS) score for CVE-2011-4913
0.95%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 74 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2011-4913
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.8
|
HIGH | AV:N/AC:L/Au:N/C:N/I:N/A:C |
10.0
|
6.9
|
NIST |
CWE ids for CVE-2011-4913
-
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.Assigned by: nvd@nist.gov (Primary)
References for CVE-2011-4913
-
http://www.openwall.com/lists/oss-security/2011/12/28/2
oss-security - Re: CVE request: kernel: multiple issues in ROSE
-
https://bugzilla.redhat.com/show_bug.cgi?id=770777
770777 – (CVE-2011-1493, CVE-2011-4913, CVE-2011-4914) CVE-2011-1493 CVE-2011-4913 CVE-2011-4914 kernel: multiple issues in rose protocolIssue Tracking;VDB Entry
-
http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39
404 Not FoundBroken Link
-
https://github.com/torvalds/linux/commit/be20250c13f88375345ad99950190685eda51eb8
ROSE: prevent heap corruption with bad facilities · torvalds/linux@be20250 · GitHubExploit;Patch
-
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=be20250c13f88375345ad99950190685eda51eb8
-
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html
[security-announce] SUSE-SU-2015:0812-1: important: Security update forThird Party Advisory
Jump to