#VU44351 Buffer overflow in Linux kernel - CVE-2011-4077

Cybersecurity Help s.r.o.

Published: 2012-01-27 | Updated: 2020-08-11

Vulnerability identifier: #VU44351

Vulnerability risk: High

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2011-4077

CWE-ID: CWE-119

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Linux kernel
Operating systems & Components / Operating system

Vendor: Linux Foundation

Description

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

Buffer overflow in the xfs_readlink function in fs/xfs/xfs_vnodeops.c in XFS in the Linux kernel 2.6, when CONFIG_XFS_DEBUG is disabled, allows local users to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code via an XFS image containing a symbolic link with a long pathname.

Mitigation
Install update from vendor's website.

Vulnerable software versions

Linux kernel: 2.6.0

External links
https://marc.info/?l=bugtraq&m=139447903326211&w=2
https://oss.sgi.com/archives/xfs/2011-10/msg00345.html
https://secunia.com/advisories/48964
https://www.openwall.com/lists/oss-security/2011/10/26/1
https://www.openwall.com/lists/oss-security/2011/10/26/3
https://xorl.wordpress.com/2011/12/07/cve-2011-4077-linux-kernel-xfs-readlink-memory-corruption/
https://bugzilla.redhat.com/show_bug.cgi?id=749156

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Buffer overflow in Linux kernel

Amazon Linux AMI update for kernel