Home

CVE-2011-1079

Description

The bnep_sock_ioctl function in net/bluetooth/bnep/sock.c in the Linux kernel before 2.6.39 does not ensure that a certain device field ends with a character, which allows local users to obtain potentially sensitive information from kernel stack memory, or cause a denial of service (BUG and system crash), via a BNEPCONNADD command.

Risk Information

Base Score
7.5
MODERATE
Vector
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
0.118

Associated Vulnerability

VulnerabilityOS Platform
Dtrace-modules-3.8.13-118.35.1.el6uek update (ELSA-2019-4672) dtrace-modules-3.8.13-118.35.1.el6uek-0.4.5-3.el6.x86_64.rpmLinux
Dtrace-modules-3.8.13-118.35.1.el7uek update (ELSA-2019-4672) dtrace-modules-3.8.13-118.35.1.el7uek-0.4.5-3.el7.x86_64.rpmLinux
Kernel-uek update (ELSA-2020-5913) kernel-uek-4.14.35-2025.402.2.1.el7uek.x86_64.rpmLinux
Kernel-uek-debug update (ELSA-2020-5913) kernel-uek-debug-4.14.35-2025.402.2.1.el7uek.x86_64.rpmLinux
Kernel-uek-debug-devel update (ELSA-2020-5913) kernel-uek-debug-devel-4.14.35-2025.402.2.1.el7uek.x86_64.rpmLinux
Kernel-uek-devel update (ELSA-2020-5913) kernel-uek-devel-4.14.35-2025.402.2.1.el7uek.x86_64.rpmLinux
Kernel-uek-tools update (ELSA-2020-5913) kernel-uek-tools-4.14.35-2025.402.2.1.el7uek.x86_64.rpmLinux
Kernel-uek-doc update (ELSA-2020-5913) kernel-uek-doc-4.14.35-2025.402.2.1.el7uek.noarch.rpmLinux

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234