Vulnerability Name: | CVE-2011-2480 (CCN-172514) | ||||||||||||
Assigned: | 2011-06-20 | ||||||||||||
Published: | 2011-06-20 | ||||||||||||
Updated: | 2019-12-10 | ||||||||||||
Summary: | Information Disclosure vulnerability in the 802.11 stack, as used in FreeBSD before 8.2 and NetBSD when using certain non-x86 architectures. A signedness error in the IEEE80211_IOC_CHANINFO ioctl allows a local unprivileged user to cause the kernel to copy large amounts of kernel memory back to the user, disclosing potentially sensitive information. | ||||||||||||
CVSS v3 Severity: | 7.5 High (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N) 6.5 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C)
2.9 Low (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C)
| ||||||||||||
CVSS v2 Severity: | 5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N)
| ||||||||||||
Vulnerability Type: | CWE-200 | ||||||||||||
Vulnerability Consequences: | Obtain Information | ||||||||||||
References: | Source: MITRE Type: CNA CVE-2011-2480 Source: MISC Type: Broken Link https://access.redhat.com/security/cve/cve-2011-2480 Source: MISC Type: Third Party Advisory https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=631160 Source: MISC Type: Third Party Advisory https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=631161 Source: XF Type: UNKNOWN freebsd-cve20112480-info-disc(172514) Source: MISC Type: Third Party Advisory https://security-tracker.debian.org/tracker/CVE-2011-2480 Source: CCN Type: FreeBSD Web site The FreeBSD Project Source: CCN Type: NetBSD Web site The NetBSD Project Source: CCN Type: oss-sec Mailing List, Mon, 20 Jun 2011 15:12:35 -0400 (EDT) Re: CVE request: FreeBSD/NetBSD 802.11 kernel memory disclosure Source: MLIST Type: Mailing List, Third Party Advisory [oss-security] 20110620 Re: CVE request: FreeBSD/NetBSD 802.11 kernel memory disclosure | ||||||||||||
Vulnerable Configuration: | Configuration 1: Configuration CCN 1: ![]() | ||||||||||||
BACK |