Vulnerability Description
drivers/scsi/mpt2sas/mpt2sas_ctl.c in the Linux kernel 2.6.38 and earlier does not validate (1) length and (2) offset values before performing memory copy operations, which might allow local users to gain privileges, cause a denial of service (memory corruption), or obtain sensitive information from kernel memory via a crafted ioctl call, related to the _ctl_do_mpt_command and _ctl_diag_read_buffer functions.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | <= 2.6.38 |
Related Weaknesses (CWE)
References
- http://downloads.avaya.com/css/P8/documents/100145416
- http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html
- http://lkml.org/lkml/2011/4/5/327Patch
- http://openwall.com/lists/oss-security/2011/04/05/32Patch
- http://openwall.com/lists/oss-security/2011/04/06/2Patch
- http://rhn.redhat.com/errata/RHSA-2011-0833.html
- http://secunia.com/advisories/46397
- http://www.securityfocus.com/archive/1/520102/100/0/threaded
- http://www.securityfocus.com/bid/47185
- http://www.vmware.com/security/advisories/VMSA-2011-0012.html
- https://bugzilla.redhat.com/show_bug.cgi?id=694021Patch
- https://patchwork.kernel.org/patch/688021/Patch
- http://downloads.avaya.com/css/P8/documents/100145416
- http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html
- http://lkml.org/lkml/2011/4/5/327Patch
FAQ
What is CVE-2011-1495?
CVE-2011-1495 is a vulnerability with a CVSS score of 7.2 (HIGH). drivers/scsi/mpt2sas/mpt2sas_ctl.c in the Linux kernel 2.6.38 and earlier does not validate (1) length and (2) offset values before performing memory copy operations, which might allow local users to ...
How severe is CVE-2011-1495?
CVE-2011-1495 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2011-1495?
Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel.