CVE-2011-1598

Linux Kernel < 2.6.39 - Denial of Service via BCM Socket Release Operation

Title source: llm
STIX 2.1

Description

The bcm_release function in net/can/bcm.c in the Linux kernel before 2.6.39-rc6 does not properly validate a socket data structure, which allows local users to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via a crafted release operation.

References (13)

Core 13
Core References
Mailing List, Third Party Advisory mailing-list x_refsource_mlist
http://openwall.com/lists/oss-security/2011/04/21/1
Mailing List, Third Party Advisory mailing-list x_refsource_mlist
http://openwall.com/lists/oss-security/2011/04/20/7
Mailing List, Third Party Advisory mailing-list x_refsource_mlist
http://openwall.com/lists/oss-security/2011/04/25/4
Mailing List, Third Party Advisory mailing-list x_refsource_mlist
http://openwall.com/lists/oss-security/2011/04/21/7
Broken Link mailing-list x_refsource_mlist
http://permalink.gmane.org/gmane.linux.network/192898
Mailing List, Third Party Advisory mailing-list x_refsource_mlist
http://openwall.com/lists/oss-security/2011/04/22/2
Mailing List, Third Party Advisory mailing-list x_refsource_mlist
http://openwall.com/lists/oss-security/2011/04/21/2
Mailing List, Third Party Advisory mailing-list x_refsource_mlist
http://openwall.com/lists/oss-security/2011/04/20/6
Mailing List, Third Party Advisory mailing-list x_refsource_mlist
http://openwall.com/lists/oss-security/2011/04/20/2
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/47503
Issue Tracking, Third Party Advisory x_refsource_confirm
https://bugzilla.redhat.com/show_bug.cgi?id=698057

Scores

EPSS 0.0042
EPSS Percentile 33.8%

Details

CWE
CWE-476
Status published
Products (2)
linux/linux_kernel 2.6.39 (6 CPE variants)
linux/linux_kernel < 2.6.39
Published May 09, 2011
Tracked Since Feb 18, 2026