CVE-2011-0712

Priority
Description
Multiple buffer overflows in the caiaq Native Instruments USB audio
functionality in the Linux kernel before 2.6.38-rc4-next-20110215 might
allow attackers to cause a denial of service or possibly have unspecified
other impact via a long USB device name, related to (1) the
snd_usb_caiaq_audio_init function in sound/usb/caiaq/audio.c and (2) the
snd_usb_caiaq_midi_init function in sound/usb/caiaq/midi.c.
Ubuntu-Description
Rafael Dominguez Vega discovered that the caiaq Native Instruments USB
driver did not correctly validate string lengths. A local attacker with
physical access could plug in a specially crafted USB device to crash the
system or potentially gain root privileges.
Package
Upstream:released (2.6.38~rc6)
Package
Upstream:released (2.6.38~rc6)
Package
Upstream:released (2.6.38~rc6)
Package
Upstream:released (2.6.38~rc6)
Package
Upstream:released (2.6.38~rc6)
Package
Upstream:released (2.6.38~rc6)
Package
Upstream:released (2.6.38~rc6)
More Information

Updated: 2019-03-19 11:57:12 UTC (commit 15472795df7e9de45b82f2d36b8b419b939f97b2)