Vulnerability CVE-2011-1079: Information

Description

The bnep_sock_ioctl function in net/bluetooth/bnep/sock.c in the Linux kernel before 2.6.39 does not ensure that a certain device field ends with a '\0' character, which allows local users to obtain potentially sensitive information from kernel stack memory, or cause a denial of service (BUG and system crash), via a BNEPCONNADD command.

Severity: MEDIUM (5.4)

URL: https://nvd.nist.gov/vuln/detail/CVE-2011-1079

Published: June 22, 2012

Modified: Feb. 13, 2023

Error type identifier: CWE-20

Fixed packages

Package name	Branch	Fixed in version	Version from repository	Errata ID	Task #	State
kernel-image-std-debug	sisyphus	4.19.42-alt1	6.1.91-alt1	ALT-PU-2019-1791-1	229194	Fixed
kernel-image-std-debug	c9f2	4.19.42-alt1	4.19.102-alt1	ALT-PU-2019-1791-1	229194	Fixed
kernel-image-std-def	sisyphus	4.19.42-alt1	6.1.91-alt1	ALT-PU-2019-1794-1	229195	Fixed
kernel-image-std-def	p10	4.19.42-alt1	5.10.216-alt1	ALT-PU-2019-1794-1	229195	Fixed
kernel-image-std-def	p9	4.19.42-alt1	5.4.275-alt1	ALT-PU-2019-1794-1	229195	Fixed
kernel-image-std-def	p8	4.9.175-alt0.M80P.1	4.9.337-alt0.M80P.1	ALT-PU-2019-1826-1	229201	Fixed
kernel-image-std-def	c9f2	4.19.42-alt1	5.10.214-alt0.c9f.2	ALT-PU-2019-1794-1	229195	Fixed
kernel-image-std-def	c7	4.4.183-alt0.M70C.1	4.4.277-alt0.M70C.1	ALT-PU-2019-2175-1	233233	Fixed
kernel-image-std-pae	c9f2	4.19.42-alt1	4.19.72-alt1	ALT-PU-2019-1792-1	229196	Fixed
kernel-image-un-def	sisyphus	5.0.15-alt1	6.6.31-alt1	ALT-PU-2019-1793-1	229197	Fixed
kernel-image-un-def	p10	5.0.15-alt1	6.1.85-alt1	ALT-PU-2019-1793-1	229197	Fixed
kernel-image-un-def	p9	5.0.15-alt1	5.10.216-alt2	ALT-PU-2019-1793-1	229197	Fixed
kernel-image-un-def	c10f1	5.0.15-alt1	6.1.85-alt0.c10f.1	ALT-PU-2019-1793-1	229197	Fixed
kernel-image-un-def	c9f2	5.0.15-alt1	5.10.29-alt2	ALT-PU-2019-1793-1	229197	Fixed
kernel-image-un-def	c7	4.9.277-alt0.M70C.1	4.9.277-alt0.M70C.1	ALT-PU-2021-3032-1	281292	Fixed
usbip	sisyphus	5.10-alt1	5.10-alt1	ALT-PU-2023-1798-1	320453	Fixed
usbip	sisyphus_e2k	5.10-alt1	5.10-alt1	ALT-PU-2023-7452-1	-	Fixed
usbip	p10	5.10-alt1	5.10-alt1	ALT-PU-2023-1903-1	320461	Fixed
usbip	p10_e2k	5.10-alt1	5.10-alt1	ALT-PU-2023-7498-1	-	Fixed

References to Advisories, Solutions, and Tools

Hyperlink	Resource
https://github.com/torvalds/linux/commit/43629f8f5ea32a998d06d1bb41eefa0e821ff573	Patch
[oss-security] 20110301 Re: CVE request: kernel: two bluetooth and one ebtables infoleaks/DoSes
https://bugzilla.redhat.com/show_bug.cgi?id=681260
http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39
RHSA-2011:0833
http://downloads.avaya.com/css/P8/documents/100145416
http://packetstormsecurity.com/files/153799/Kernel-Live-Patch-Security-Notice-LSN-0053-1.html
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=43629f8f5ea32a998d06d1bb41eefa0e821ff573

Affected configurations:
1. Configuration 1
  cpe:2.3:o:linux:linux_kernel:2.6.38:rc7:*:*:*:*:*:*
  cpe:2.3:o:linux:linux_kernel:2.6.38:rc6:*:*:*:*:*:*
  cpe:2.3:o:linux:linux_kernel:2.6.38:rc4:*:*:*:*:*:*
  cpe:2.3:o:linux:linux_kernel:2.6.38.3:*:*:*:*:*:*:*
  cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
  End including
  2.6.38.8
  cpe:2.3:o:linux:linux_kernel:2.6.38:rc3:*:*:*:*:*:*
  cpe:2.3:o:linux:linux_kernel:2.6.38:rc5:*:*:*:*:*:*
  cpe:2.3:o:linux:linux_kernel:2.6.38:rc2:*:*:*:*:*:*
  cpe:2.3:o:linux:linux_kernel:2.6.38.6:*:*:*:*:*:*:*
  cpe:2.3:o:linux:linux_kernel:2.6.38.1:*:*:*:*:*:*:*
  cpe:2.3:o:linux:linux_kernel:2.6.38:rc1:*:*:*:*:*:*
  cpe:2.3:o:linux:linux_kernel:2.6.38.5:*:*:*:*:*:*:*
  cpe:2.3:o:linux:linux_kernel:2.6.38.2:*:*:*:*:*:*:*
  cpe:2.3:o:linux:linux_kernel:2.6.38:*:*:*:*:*:*:*
  cpe:2.3:o:linux:linux_kernel:2.6.38:rc8:*:*:*:*:*:*
  cpe:2.3:o:linux:linux_kernel:2.6.38.4:*:*:*:*:*:*:*
  cpe:2.3:o:linux:linux_kernel:2.6.38.7:*:*:*:*:*:*:*

Version: v24.5.1

Vulnerability CVE-2011-1079: Information

Description

Fixed packages

References to Advisories, Solutions, and Tools

Configuration 1