Vulnerabilities > CVE-2011-0699 - Out-of-bounds Write vulnerability in Linux Kernel 2.6.37

CVSS 7.0 - HIGH

Attack vector

LOCAL

Attack complexity

HIGH

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

high complexity

linux

CWE-787

NVD

Published: 2020-02-20

Updated: 2020-02-25

Summary

Integer signedness error in the btrfs_ioctl_space_info function in the Linux kernel 2.6.37 allows local users to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted slot value.

Vulnerable Configurations

Part	Description	Count
OS	Linux Linux Linux Kernel 2.6.37	1

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

References

https://github.com/BlankOn/linux-debian/blob/master/debian/changelog.BlankOn
http://marc.info/?l=linux-kernel&m=129726078708425&w=2
http://vulnfactory.org/vulns/
http://marc.info/?l=oss-security&m=129726743519620&w=2