CVE-2011-2700
Published: 6 September 2011
Multiple buffer overflows in the si4713_write_econtrol_string function in drivers/media/radio/si4713-i2c.c in the Linux kernel before 2.6.39.4 on the N900 platform might allow local users to cause a denial of service or have unspecified other impact via a crafted s_ext_ctrls operation with a (1) V4L2_CID_RDS_TX_PS_NAME or (2) V4L2_CID_RDS_TX_RADIO_TEXT control ID.
From the Ubuntu Security Team
Mauro Carvalho Chehab discovered that the si4713 radio driver did not correctly check the length of memory copies. If this hardware was available, a local attacker could exploit this to crash the system or gain root privileges.
Priority
Status
| Package | Release | Status |
|---|---|---|
|
linux Launchpad, Ubuntu, Debian |
hardy |
Not vulnerable
|
| lucid |
Released
(2.6.32-34.77)
|
|
| maverick |
Released
(2.6.35-30.60)
|
|
| natty |
Released
(2.6.38-12.51)
|
|
| oneiric |
Not vulnerable
(3.0.0-11.18)
|
|
| precise |
Not vulnerable
(3.1.0-1.1)
|
|
| quantal |
Not vulnerable
|
|
| saucy |
Not vulnerable
|
|
| trusty |
Not vulnerable
(3.11.0-12.19)
|
|
| upstream |
Released
(3.0)
|
|
|
Patches: Introduced by 02bee89e79b1302776e32214b8ca96a00c70c446 |
||
|
linux-ec2 Launchpad, Ubuntu, Debian |
hardy |
Does not exist
|
| lucid |
Released
(2.6.32-318.38)
|
|
| maverick |
Ignored
(end of life)
|
|
| natty |
Does not exist
|
|
| oneiric |
Does not exist
|
|
| precise |
Does not exist
|
|
| quantal |
Does not exist
|
|
| saucy |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(3.0)
|
|
|
linux-flo Launchpad, Ubuntu, Debian |
lucid |
Does not exist
|
| precise |
Does not exist
|
|
| quantal |
Does not exist
|
|
| saucy |
Does not exist
|
|
| trusty |
Does not exist
(trusty was not-affected [3.4.0-1.3])
|
|
| upstream |
Released
(3.0)
|
|
|
linux-fsl-imx51 Launchpad, Ubuntu, Debian |
hardy |
Does not exist
|
| lucid |
Not vulnerable
|
|
| maverick |
Does not exist
|
|
| natty |
Does not exist
|
|
| oneiric |
Does not exist
|
|
| precise |
Does not exist
|
|
| quantal |
Does not exist
|
|
| saucy |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(3.0)
|
|
|
linux-goldfish Launchpad, Ubuntu, Debian |
lucid |
Does not exist
|
| precise |
Does not exist
|
|
| quantal |
Does not exist
|
|
| saucy |
Ignored
|
|
| trusty |
Does not exist
(trusty was not-affected [3.4.0-1.7])
|
|
| upstream |
Released
(3.0)
|
|
|
linux-grouper Launchpad, Ubuntu, Debian |
lucid |
Does not exist
|
| precise |
Does not exist
|
|
| quantal |
Does not exist
|
|
| saucy |
Ignored
|
|
| trusty |
Does not exist
(trusty was not-affected [3.1.10-8.28])
|
|
| upstream |
Released
(3.0)
|
|
|
linux-lts-backport-maverick Launchpad, Ubuntu, Debian |
hardy |
Does not exist
|
| lucid |
Released
(2.6.35-30.60~lucid1)
|
|
| maverick |
Does not exist
|
|
| natty |
Does not exist
|
|
| oneiric |
Does not exist
|
|
| precise |
Does not exist
|
|
| quantal |
Does not exist
|
|
| saucy |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(3.0)
|
|
|
linux-lts-backport-natty Launchpad, Ubuntu, Debian |
hardy |
Does not exist
|
| lucid |
Released
(2.6.38-12.51~lucid1)
|
|
| maverick |
Does not exist
|
|
| natty |
Does not exist
|
|
| oneiric |
Does not exist
|
|
| precise |
Does not exist
|
|
| quantal |
Does not exist
|
|
| saucy |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(3.0)
|
|
|
linux-lts-backport-oneiric Launchpad, Ubuntu, Debian |
hardy |
Does not exist
|
| lucid |
Not vulnerable
|
|
| maverick |
Does not exist
|
|
| natty |
Does not exist
|
|
| oneiric |
Does not exist
|
|
| precise |
Does not exist
|
|
| quantal |
Does not exist
|
|
| saucy |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(3.0)
|
|
|
linux-maguro Launchpad, Ubuntu, Debian |
lucid |
Does not exist
|
| precise |
Does not exist
|
|
| quantal |
Does not exist
|
|
| saucy |
Ignored
|
|
| trusty |
Does not exist
(trusty was not-affected [3.0.0-3.18])
|
|
| upstream |
Released
(3.0)
|
|
|
linux-mako Launchpad, Ubuntu, Debian |
lucid |
Does not exist
|
| precise |
Does not exist
|
|
| quantal |
Does not exist
|
|
| saucy |
Ignored
|
|
| trusty |
Does not exist
(trusty was not-affected [3.4.0-3.21])
|
|
| upstream |
Released
(3.0)
|
|
|
linux-manta Launchpad, Ubuntu, Debian |
lucid |
Does not exist
|
| precise |
Does not exist
|
|
| quantal |
Does not exist
|
|
| saucy |
Ignored
|
|
| trusty |
Does not exist
(trusty was not-affected [3.4.0-4.19])
|
|
| upstream |
Released
(3.0)
|
|
|
linux-mvl-dove Launchpad, Ubuntu, Debian |
hardy |
Does not exist
|
| lucid |
Released
(2.6.32-218.35)
|
|
| maverick |
Released
(2.6.32-418.35)
|
|
| natty |
Does not exist
|
|
| oneiric |
Does not exist
|
|
| precise |
Does not exist
|
|
| quantal |
Does not exist
|
|
| saucy |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(3.0)
|
|
|
linux-ti-omap4 Launchpad, Ubuntu, Debian |
hardy |
Does not exist
|
| lucid |
Does not exist
|
|
| maverick |
Released
(2.6.35-903.25)
|
|
| natty |
Released
(2.6.38-1209.16)
|
|
| oneiric |
Not vulnerable
(3.0.0-1204.9)
|
|
| precise |
Not vulnerable
(3.0.0-1401.2)
|
|
| quantal |
Not vulnerable
|
|
| saucy |
Not vulnerable
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(3.0)
|
|
References
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2700
- https://ubuntu.com/security/notices/USN-1203-1
- https://ubuntu.com/security/notices/USN-1208-1
- https://ubuntu.com/security/notices/USN-1216-1
- https://ubuntu.com/security/notices/USN-1220-1
- https://ubuntu.com/security/notices/USN-1219-1
- https://ubuntu.com/security/notices/USN-1218-1
- https://ubuntu.com/security/notices/USN-1227-1
- https://ubuntu.com/security/notices/USN-1228-1
- https://ubuntu.com/security/notices/USN-1246-1
- https://ubuntu.com/security/notices/USN-1256-1
- NVD
- Launchpad
- Debian