CVE-2011-0712 (retired)

Priority
Description
Multiple buffer overflows in the caiaq Native Instruments USB audio
functionality in the Linux kernel before 2.6.38-rc4-next-20110215 might
allow attackers to cause a denial of service or possibly have unspecified
other impact via a long USB device name, related to (1) the
snd_usb_caiaq_audio_init function in sound/usb/caiaq/audio.c and (2) the
snd_usb_caiaq_midi_init function in sound/usb/caiaq/midi.c.
Ubuntu-Description
Rafael Dominguez Vega discovered that the caiaq Native Instruments USB
driver did not correctly validate string lengths. A local attacker with
physical access could plug in a specially crafted USB device to crash the
system or potentially gain root privileges.
Package
Upstream:released (2.6.38~rc6)
Package
Upstream:released (2.6.38~rc6)
Package
Upstream:released (2.6.38~rc6)
Package
Upstream:released (2.6.38~rc6)
Package
Upstream:released (2.6.38~rc6)
Package
Upstream:released (2.6.38~rc6)
Package
Upstream:released (2.6.38~rc6)
More Information

Updated: 2019-03-26 11:55:20 UTC (commit ccdecfcf0fead22bd291e5f4ea745a46872dcb15)