{"containers": {"cna": {"affected": [{"product": "Linux kernel", "vendor": "n/a", "versions": [{"status": "affected", "version": "2.6.37"}]}], "datePublic": "2011-02-09T00:00:00", "descriptions": [{"lang": "en", "value": "Integer signedness error in the btrfs_ioctl_space_info function in the Linux kernel 2.6.37 allows local users to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted slot value."}], "problemTypes": [{"descriptions": [{"description": "Integer Signedness Error", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-02-20T17:18:53", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"tags": ["x_refsource_MISC"], "url": "http://marc.info/?l=oss-security&m=129726743519620&w=2"}, {"tags": ["x_refsource_MISC"], "url": "http://marc.info/?l=linux-kernel&m=129726078708425&w=2"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/BlankOn/linux-debian/blob/master/debian/changelog.BlankOn"}, {"tags": ["x_refsource_MISC"], "url": "http://vulnfactory.org/vulns/"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T21:58:26.164Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://marc.info/?l=oss-security&m=129726743519620&w=2"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://marc.info/?l=linux-kernel&m=129726078708425&w=2"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/BlankOn/linux-debian/blob/master/debian/changelog.BlankOn"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://vulnfactory.org/vulns/"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2011-0699", "datePublished": "2020-02-20T17:18:53", "dateReserved": "2011-01-31T00:00:00", "dateUpdated": "2024-08-06T21:58:26.164Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.37:*:*:*:*:*:*:*", "matchCriteriaId": "18CBFC41-E9A9-456C-8A61-8DB2E6CE2E98", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Integer signedness error in the btrfs_ioctl_space_info function in the Linux kernel 2.6.37 allows local users to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted slot value."}, {"lang": "es", "value": "Un error en la propiedad signedness de enteros en la funci\u00f3n btrfs_ioctl_space_info en el kernel de Linux versi\u00f3n 2.6.37, permite a usuarios locales causar una denegaci\u00f3n de servicio (desbordamiento de b\u00fafer basado en la regi\u00f3n heap de la memoria) o posiblemente tener otro impacto no especificado por medio de un valor de slot dise\u00f1ado."}], "id": "CVE-2011-0699", "lastModified": "2024-11-21T01:24:38.570", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 6.9, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.4, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.0, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-02-20T18:15:11.077", "references": [{"source": "secalert@redhat.com", "tags": ["Patch", "Third Party Advisory"], "url": "http://marc.info/?l=linux-kernel&m=129726078708425&w=2"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "http://marc.info/?l=oss-security&m=129726743519620&w=2"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "http://vulnfactory.org/vulns/"}, {"source": "secalert@redhat.com", "tags": ["Release Notes", "Third Party Advisory"], "url": "https://github.com/BlankOn/linux-debian/blob/master/debian/changelog.BlankOn"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Third Party Advisory"], "url": "http://marc.info/?l=linux-kernel&m=129726078708425&w=2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://marc.info/?l=oss-security&m=129726743519620&w=2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://vulnfactory.org/vulns/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Release Notes", "Third Party Advisory"], "url": "https://github.com/BlankOn/linux-debian/blob/master/debian/changelog.BlankOn"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-362"}, {"lang": "en", "value": "CWE-787"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "kernel: integer signedness error in the btrfs_ioctl_space_info function could lead to a DoS", "id": "1816142", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1816142"}, "csaw": false, "cvss3": {"cvss3_base_score": "4.1", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "cwe": "CWE-787", "details": ["Integer signedness error in the btrfs_ioctl_space_info function in the Linux kernel 2.6.37 allows local users to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted slot value.", "A flaw was found in the BTRFS implementation in the Linux kernel, where a local user with elevated permissions (either root user or in the disk group) can issue an ioctl to the /dev/btrfs-control device node. This flaw panics the system and allows memory allocation if a specially crafted ioctl is made that abuses the logic when comparing values with different types."], "mitigation": {"lang": "en:us", "value": "As the BTRFS module will be auto-loaded when required, its use can be disabled by preventing the module from loading with the following instructions:\n# echo \"install btrfs /bin/true\" >> /etc/modprobe.d/disable-btrfs.conf\nThe system will need to be restarted if the BTRFS modules are loaded, it may be possible to unload them. In most circumstances, the BTRFS kernel modules will be unable to be unloaded while any BTRFS filesystems are mounted or in use.\nIf the system requires this module to work correctly, this mitigation may not be suitable.\nIf you need further assistance, see KCS article https://access.redhat.com/solutions/41278 or contact Red Hat Global Support Services."}, "name": "CVE-2011-0699", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-alt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/a:redhat:enterprise_mrg:2", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise MRG 2"}], "public_date": "2020-02-20T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2011-0699\nhttps://nvd.nist.gov/vuln/detail/CVE-2011-0699\nhttps://marc.info/?l=linux-kernel&m=129726078708425&w=2"], "statement": "Not vulnerable. This issue did not affect the versions of Linux kernel as shipped with Red Hat Enterprise Linux 4, 5, 6, or Red Hat Enterprise MRG as they did not backport the upstream commit bf5fc093c that introduced this issue.", "threat_severity": "Low"}