2.1 CVE-2011-4110

Exploit Patch Ransomware Risk

The user_update function in security/keys/user_defined.c in the Linux kernel 2.6 allows local users to cause a denial of service (NULL pointer dereference and kernel oops) via vectors related to a user-defined key and "updating a negative key into a fully instantiated key."
https://nvd.nist.gov/vuln/detail/CVE-2011-4110

References

BID

50755

CONFIRM Patch

https://bugzilla.redhat.com/show_bug.cgi?id=751297 Patch

HP

HPSBGN02970

SECUNIA

47754

UBUNTU

USN-1328-1
USN-1324-1
USN-1344-1

_MLIST Exploit

[oss-security] 20111121 CVE-2011-4110 kernel: keys: NULL pointer deref in the user-defined key type
[linux-kernel] 20111115 [PATCH] KEYS: Fix a NULL pointer deref in the user-defined key type Exploit
[oss-security] 20111121 Re: CVE-2011-4110 kernel: keys: NULL pointer deref in the user-defined key type
[oss-security] 20111122 Re: CVE-2011-4110 kernel: keys: NULL pointer deref in the user-defined key type

CPE

cpe	start	end
Configuration 1
cpe:2.3:o:linux:linux_kernel:2.6:::::::*

REMEDIATION

Patch

Url
https://bugzilla.redhat.com/show_bug.cgi?id=751297

EXPLOITS

Exploit-db.com

id	description	date
No known exploits

Other (github, ...)

Url
[linux-kernel] 20111115 [PATCH] KEYS: Fix a NULL pointer deref in the user-defined key type

CAPEC

Common Attack Pattern Enumerations and Classifications

id	description	severity
No entry

MITRE

Sherlock® flash

Take a picture of your computer network in a few clicks !

The Sherlock® flash audit solution allows you to perform an audit to strengthen the security of your IT assets. Vulnerability analysis of your physical and virtual equipment. Patch planning by priority level and time available. Detailed and intuitive reporting.

Discover this offer

Sherlock® flash: 1st instant cybersecurity audit solution