CVE

Id
50818  
CVE No.
CVE-2011-2906  
Status
Candidate  
Description
** DISPUTED ** Integer signedness error in the pmcraid_ioctl_passthrough function in drivers/scsi/pmcraid.c in the Linux kernel before 3.1 might allow local users to cause a denial of service (memory consumption or memory corruption) via a negative size value in an ioctl call. NOTE: this may be a vulnerability only in unusual environments that provide a privileged program for obtaining the required file descriptor.  
Phase
Assigned (20110727)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
548413 50818 CVE-2011-2906 MLIST:[oss-security] 20110810 Re: CVE requests: Two kernel issues  View
548414 50818 CVE-2011-2906 URL:http://www.openwall.com/lists/oss-security/2011/08/09/8  View
548415 50818 CVE-2011-2906 CONFIRM:http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=b5b515445f4f5a905c5dd27e6e682868ccd6c09d  View
548416 50818 CVE-2011-2906 CONFIRM:http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.1  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
26929 JVNDB-2012-002636 libmodplug の CSoundFile::ReadWav 関数における整数オーバーフローの脆弱性 libmodplug の src/load_wav.cpp 内の CSoundFile::ReadWav 関数には、整数オーバーフローの脆弱性が存在します。 CVE-2011-2911 50818 6.8 http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002636.html  View