Back to search
CVE-2011-2525
Published: Feb 2, 2012
Modified: Aug 6, 2024
PUBLISHED
Description
The qdisc_notify function in net/sched/sch_api.c in the Linux kernel before 2.6.35 does not prevent tc_fill_qdisc function calls referencing builtin (aka CQ_F_BUILTIN) Qdisc structures, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) or possibly have unspecified other impact via a crafted call.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
https://bugzilla.redhat.com/show_bug.cgi?id=720552
x_refsource_CONFIRM
RHSA-2011:1065
vendor-advisory
x_refsource_REDHAT
[netdev] 20100521 tc: RTM_GETQDISC causes kernel OOPS
mailing-list
x_refsource_MLIST
http://mirror.anl.gov/pub/linux/kernel/v2.6/ChangeLog-2.6.35
x_refsource_CONFIRM
RHSA-2011:1163
vendor-advisory
x_refsource_REDHAT
[oss-security] 20110712 CVE-2011-2525 kernel: kernel: net_sched: fix qdisc_notify()
mailing-list
x_refsource_MLIST
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now