Integer Overflow in _ctl_do_mpt_command Function in Linux Kernel 2.6.38 and Earlier Allows Privilege Escalation or Memory Corruption

Integer Overflow in _ctl_do_mpt_command Function in Linux Kernel 2.6.38 and Earlier Allows Privilege Escalation or Memory Corruption

CVE-2011-1494 · MEDIUM Severity

AV:L/AC:M/AU:N/C:C/I:C/A:C

Integer overflow in the _ctl_do_mpt_command function in drivers/scsi/mpt2sas/mpt2sas_ctl.c in the Linux kernel 2.6.38 and earlier might allow local users to gain privileges or cause a denial of service (memory corruption) via an ioctl call specifying a crafted value that triggers a heap-based buffer overflow.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.