Back to search
CVE-2011-2497
Published: Aug 29, 2011
Modified: Aug 6, 2024
PUBLISHED
Description
Integer underflow in the l2cap_config_req function in net/bluetooth/l2cap_core.c in the Linux kernel before 3.0 allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a small command-size value within the command header of a Logical Link Control and Adaptation Protocol (L2CAP) configuration request, leading to a buffer overflow.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
http://www.kernel.org/pub/linux/kernel/v3.0/ChangeLog-3.0
x_refsource_CONFIRM
[oss-security] 20110624 CVE request: kernel: remote buffer overflow in bluetooth
mailing-list
x_refsource_MLIST
[linux-kernel] 20110624 [PATCH] Bluetooth: Prevent buffer overflow in l2cap config request
mailing-list
x_refsource_MLIST
48472
vdb-entry
x_refsource_BID
74679
vdb-entry
x_refsource_OSVDB
8359
third-party-advisory
x_refsource_SREASON
[oss-security] 20110627 Re: CVE request: kernel: remote buffer overflow in bluetooth
mailing-list
x_refsource_MLIST
https://bugzilla.redhat.com/show_bug.cgi?id=716805
x_refsource_CONFIRM
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now