Release date:
Updated on:
Affected Systems:
Linux kernel 2.6.x
Description:
--------------------------------------------------------------------------------
Bugtraq id: 48333
Cve id: CVE-2011-2213
Linux is the kernel of a free computer.
The inet_diag_bc_audit function in net/ipv4/inet_diag.c of Linux Kernel 2.6.39.3 did not correctly review the INET_DIAG bytecode. The local denial of service vulnerability exists in the implementation. Attackers can exploit this vulnerability to cause Kernel crash, A valid user is denied.
<* Source: Dan Rosenberg (drosenberg@vsecurity.com)
Link: http://permalink.gmane.org/gmane.comp.security.oss.general/5277
*>
Suggestion:
--------------------------------------------------------------------------------
Vendor patch:
Linux
-----
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:
Http://www.kernel.org/