CVE-2011-1495

by Fred · 03/05/2011

drivers/scsi/mpt2sas/mpt2sas_ctl.c in the Linux kernel 2.6.38 and earlier does not validate (1) length and (2) offset values before performing memory copy operations, which might allow local users to gain privileges, cause a denial of service (memory corruption), or obtain sensitive information from kernel memory via a crafted ioctl call, related to the _ctl_do_mpt_command and _ctl_diag_read_buffer functions.

Date published : 2011-05-03

http://www.securityfocus.com/bid/47185

http://www.securityfocus.com/archive/1/520102/100/0/threaded

CVE-2011-1495

Similar

Recent Posts

Categories

CVE-2011-1495

Share this:

Similar

Recent Posts

Categories

Tags