2.1 CVE-2011-2700

Exploit Buffer Overflow Patch


Multiple buffer overflows in the si4713_write_econtrol_string function in drivers/media/radio/si4713-i2c.c in the Linux kernel before on the N900 platform might allow local users to cause a denial of service or have unspecified other impact via a crafted s_ext_ctrls operation with a (1) V4L2_CID_RDS_TX_PS_NAME or (2) V4L2_CID_RDS_TX_RADIO_TEXT control ID.


CWE-120 : Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
A buffer overflow condition exists when a program attempts to put more data in a buffer than it can hold, or when a program attempts to put data in a memory area outside of the boundaries of a buffer. The simplest type of error, and the most common cause of buffer overflows, is the "classic" case in which the program copies the buffer without restricting how much is copied. Other variants exist, but the existence of a classic overflow strongly suggests that the programmer is not considering even the most basic of security protections.




cpe start end
Configuration 1
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* <


id description date
No known exploits


id description severity
46 Overflow Variables and Tags
9 Buffer Overflow in Local Command-Line Utilities
47 Buffer Overflow via Parameter Expansion
24 Filter Failure through Buffer Overflow
8 Buffer Overflow in an API Call
100 Overflow Buffers
Very High
44 Overflow Binary Resource File
Very High
42 MIME Conversion
67 String Format Overflow in syslog()
Very High
45 Buffer Overflow via Symbolic Links
10 Buffer Overflow via Environment Variables
14 Client-side Injection-induced Buffer Overflow
92 Forced Integer Overflow

Sherlock® flash

Take a picture of your computer network in a few clicks !

The Sherlock® flash audit solution allows you to perform an audit to strengthen the security of your IT assets. Vulnerability analysis of your physical and virtual equipment. Patch planning by priority level and time available. Detailed and intuitive reporting.

Discover this offer

Sherlock® flash: 1st instant cybersecurity audit solution