CVE-2011-1180 (retired)

Priority
Description
Multiple stack-based buffer overflows in the
iriap_getvaluebyclass_indication function in net/irda/iriap.c in the Linux
kernel before 2.6.39 allow remote attackers to cause a denial of service
(memory corruption) or possibly have unspecified other impact by leveraging
connectivity to an IrDA infrared network and sending a large integer value
for a (1) name length or (2) attribute length.
Ubuntu-Description
Dan Rosenberg discovered that the IRDA subsystem did not correctly check
certain field sizes. If a system was using IRDA, a remote attacker could
send specially crafted traffic to crash the system or gain root privileges.
Package
Source: linux (LP Ubuntu Debian)
Upstream:released (2.6.39~rc1)
Patches:
Introduced by 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2Fixed by d370af0ef7951188daeb15bae75db7ba57c67846
Package
Upstream:released (2.6.39~rc1)
Package
Upstream:released (2.6.39~rc1)
Package
Upstream:released (2.6.39~rc1)
Package
Upstream:released (2.6.39~rc1)
Package
Upstream:released (2.6.39~rc1)
Package
Upstream:released (2.6.39~rc1)
Package
Upstream:released (2.6.39~rc1)
More Information

Updated: 2019-03-26 11:55:49 UTC (commit ccdecfcf0fead22bd291e5f4ea745a46872dcb15)