CVE-2011-3359

Public on 2011-12-02

Modified on 2014-09-14

Description

The dma_rx function in drivers/net/wireless/b43/dma.c in the Linux kernel before 2.6.39 does not properly allocate receive buffers, which allows remote attackers to cause a denial of service (system crash) via a crafted frame.

Severity

Medium

CVSS v3 Base Score

4.6

See breakdown

Affected Packages

Platform	Package	Release Date	Advisory	Status
Amazon Linux 1	kernel	2011-12-02	ALAS-2011-26	Fixed

CVSS Scores

	Score Type	Score	Vector
Amazon Linux	CVSSv2	4.6	AV:A/AC:H/Au:N/C:N/I:N/A:C
NVD	CVSSv2	7.8	AV:N/AC:L/Au:N/C:N/I:N/A:C
NVD	CVSSv3	7.5	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References

Red Hat: CVE-2011-3359 Mitre: CVE-2011-3359