VDB
CVE-2011-1770
CVE-2011-1770
PUBLISHED
Reported by redhat · Published June 24, 2011
Integer underflow in the dccp_parse_options function (net/dccp/options.c) in the Linux kernel before 2.6.33.14 allows remote attackers to cause a denial of service via a Datagram Congestion Control Protocol (DCCP) packet with an invalid feature options length, which triggers a buffer over-read.
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a |
| n/a | n/a | n/a, n/a |
Timeline
- Jun 24, 2011 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 3, 2023 EPSS Score
- Feb 9, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 2, 2023 EPSS Score
- May 25, 2023 EPSS Score
References
- 1025592 vdb-entryx_refsource_SECTRACK
- [linux-kernel] 20110506 [PATCH] dccp: handle invalid feature options length mailing-listx_refsource_MLIST
- 47769 vdb-entryx_refsource_BID
- [linux-kernel] 20110506 Re: [PATCH] dccp: handle invalid feature options length mailing-listx_refsource_MLIST
- x_refsource_CONFIRM
- 44932 third-party-advisoryx_refsource_SECUNIA
- 8286 third-party-advisoryx_refsource_SREASON
- FEDORA-2011-7823 vendor-advisoryx_refsource_FEDORA
- x_refsource_CONFIRM
- FEDORA-2011-7551 vendor-advisoryx_refsource_FEDORA