CVE-2011-1759

Severity

62%

Complexity

19%

Confidentiality

165%

Integer overflow in the sys_oabi_semtimedop function in arch/arm/kernel/sys_oabi-compat.c in the Linux kernel before 2.6.39 on the ARM platform, when CONFIG_OABI_COMPAT is enabled, allows local users to gain privileges or cause a denial of service (heap memory corruption) by providing a crafted argument and leveraging a race condition.

CVSS 2.0 Base Score 6.2. CVSS Attack Vector: local. CVSS Attack Complexity: high. CVSS Vector: (AV:L/AC:H/Au:N/C:C/I:C/A:C).

Overview

First reported 12 years ago

2012-06-13 10:24:00

Last updated 12 years ago

2012-06-14 04:00:00

Affected Software

Linux Kernel 2.6.38

2.6.38

Linux Kernel 2.6.38 Release Candidate 1

2.6.38

Linux Kernel 2.6.38 Release Candidate 2

2.6.38

Linux Kernel 2.6.38 Release Candidate 3

2.6.38

Linux Kernel 2.6.38 Release Candidate 4

2.6.38

Linux Kernel 2.6.38 Release Candidate 5

2.6.38

Linux Kernel 2.6.38 Release Candidate 6

2.6.38

Linux Kernel 2.6.38 Release Candidate 7

2.6.38

Linux Kernel 2.6.38 Release Candidate 8

2.6.38

Linux Kernel 2.6.38.1

2.6.38.1

Linux Kernel 2.6.38.2

2.6.38.2

Linux Kernel 2.6.38.3

2.6.38.3

Linux Kernel 2.6.38.4

2.6.38.4

Linux Kernel 2.6.38.5

2.6.38.5

Linux Kernel 2.6.38.6

2.6.38.6

Linux Kernel 2.6.38.7

2.6.38.7

Linux Kernel

References

http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=0f22072ab50cac7983f9660d33974b45184da4f9

Patch

[oss-security] 20110502 Re: CVE request: kernel (ARM): heap corruption in OABI semtimedop

https://github.com/torvalds/linux/commit/0f22072ab50cac7983f9660d33974b45184da4f9

Exploit, Patch

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.

CVE-2011-1759

Severity

What is severity?

Complexity

What is complexity?

Confidentiality

What is confidentiality?

Overview

First reported 12 years ago

Last updated 12 years ago

Affected Software

Linux Kernel 2.6.38

Linux Kernel 2.6.38 Release Candidate 1

Linux Kernel 2.6.38 Release Candidate 2

Linux Kernel 2.6.38 Release Candidate 3

Linux Kernel 2.6.38 Release Candidate 4

Linux Kernel 2.6.38 Release Candidate 5

Linux Kernel 2.6.38 Release Candidate 6

Linux Kernel 2.6.38 Release Candidate 7

Linux Kernel 2.6.38 Release Candidate 8

Linux Kernel 2.6.38.1

Linux Kernel 2.6.38.2

Linux Kernel 2.6.38.3

Linux Kernel 2.6.38.4

Linux Kernel 2.6.38.5

Linux Kernel 2.6.38.6

Linux Kernel 2.6.38.7

Linux Kernel

References

http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=0f22072ab50cac7983f9660d33974b45184da4f9

[oss-security] 20110502 Re: CVE request: kernel (ARM): heap corruption in OABI semtimedop

https://github.com/torvalds/linux/commit/0f22072ab50cac7983f9660d33974b45184da4f9

Stay updated

Get in touch