Denial of Service Vulnerability in Linux Kernel's inet_diag_bc_audit Function

Denial of Service Vulnerability in Linux Kernel's inet_diag_bc_audit Function

CVE-2011-2213 · MEDIUM Severity

AV:L/AC:L/AU:N/C:N/I:N/A:C

The inet_diag_bc_audit function in net/ipv4/inet_diag.c in the Linux kernel before 2.6.39.3 does not properly audit INET_DIAG bytecode, which allows local users to cause a denial of service (kernel infinite loop) via crafted INET_DIAG_REQ_BYTECODE instructions in a netlink message, as demonstrated by an INET_DIAG_BC_JMP instruction with a zero yes value, a different vulnerability than CVE-2010-3880.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.