Integer Underflow in L2CAP Configuration Request Function in Linux Kernel

Integer Underflow in L2CAP Configuration Request Function in Linux Kernel

CVE-2011-2497 · HIGH Severity

AV:A/AC:L/AU:N/C:C/I:C/A:C

Integer underflow in the l2cap_config_req function in net/bluetooth/l2cap_core.c in the Linux kernel before 3.0 allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a small command-size value within the command header of a Logical Link Control and Adaptation Protocol (L2CAP) configuration request, leading to a buffer overflow.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.