{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2011-12-10T00:00:00", "descriptions": [{"lang": "en", "value": "The bat_socket_read function in net/batman-adv/icmp_socket.c in the Linux kernel before 3.3 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted batman-adv ICMP packet."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2013-06-21T09:00:00", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"name": "[oss-security] 20111211 Fwd: Re: cve request: bat_socket_read memory corruption", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2011/12/12/1"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=767495"}, {"name": "[b.a.t.m.a.n] 20111210 bat_socket_read missing checks", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.open-mesh.org/pipermail/b.a.t.m.a.n/2011-December/005904.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=b5a1eeef04cc7859f34dec9b72ea1b28e4aba07c"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.kernel.org/pub/linux/kernel/v3.x/patch-3.3.bz2"}, {"name": "openSUSE-SU-2013:0925", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00005.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/torvalds/linux/commit/b5a1eeef04cc7859f34dec9b72ea1b28e4aba07c"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T00:09:19.345Z"}, "title": "CVE Program Container", "references": [{"name": "[oss-security] 20111211 Fwd: Re: cve request: bat_socket_read memory corruption", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2011/12/12/1"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=767495"}, {"name": "[b.a.t.m.a.n] 20111210 bat_socket_read missing checks", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.open-mesh.org/pipermail/b.a.t.m.a.n/2011-December/005904.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=b5a1eeef04cc7859f34dec9b72ea1b28e4aba07c"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.kernel.org/pub/linux/kernel/v3.x/patch-3.3.bz2"}, {"name": "openSUSE-SU-2013:0925", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00005.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/torvalds/linux/commit/b5a1eeef04cc7859f34dec9b72ea1b28e4aba07c"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2011-4604", "datePublished": "2013-06-07T10:00:00", "dateReserved": "2011-11-29T00:00:00", "dateUpdated": "2024-08-07T00:09:19.345Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "D0E17148-F44D-4632-80A1-81ABB9A1FF6F", "versionEndIncluding": "3.2.46", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:3.2:*:*:*:*:*:*:*", "matchCriteriaId": "D3220B70-917F-4F9F-8A3B-2BF581281E8D", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:3.2:*:*:*:*:*:x86:*", "matchCriteriaId": "7D47A395-821D-4BFF-996E-E849D9A40217", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:3.2:rc2:*:*:*:*:*:*", "matchCriteriaId": "99372D07-C06A-41FA-9843-6D57F99AB5AF", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:3.2:rc3:*:*:*:*:*:*", "matchCriteriaId": "2B9DC110-D260-4DB4-B8B0-EF1D160ADA07", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:3.2:rc4:*:*:*:*:*:*", "matchCriteriaId": "6192FE84-4D53-40D4-AF61-78CE7136141A", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:3.2:rc5:*:*:*:*:*:*", "matchCriteriaId": "42FEF3CF-1302-45EB-89CC-3786FE4BAC1F", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:3.2:rc6:*:*:*:*:*:*", "matchCriteriaId": "AE6A6B58-2C89-4DE4-BA57-78100818095C", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:3.2:rc7:*:*:*:*:*:*", "matchCriteriaId": "1D467F87-2F13-4D26-9A93-E0BA526FEA24", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "FE348F7B-02DE-47D5-8011-F83DA9426021", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.1:*:*:*:*:*:x86:*", "matchCriteriaId": "8A603291-33B4-4195-B52D-D2A9938089C1", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "E91594EA-F0A3-41B3-A9C6-F7864FC2F229", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "9E1ECCDB-0208-48F6-B44F-16CC0ECE3503", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "FBA8B5DE-372E-47E0-A0F6-BE286D509CC3", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.5:*:*:*:*:*:*:*", "matchCriteriaId": "9A1CA083-2CF8-45AE-9E15-1AA3A8352E3B", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.6:*:*:*:*:*:*:*", "matchCriteriaId": "19D69A49-5290-4C5F-8157-719AD58D253D", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.7:*:*:*:*:*:*:*", "matchCriteriaId": "290BD969-42E7-47B0-B21B-06DE4865432C", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.8:*:*:*:*:*:*:*", "matchCriteriaId": "23A9E29E-DE78-4C73-9FBD-C2410F5FC8B8", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.9:*:*:*:*:*:*:*", "matchCriteriaId": "018434C9-E75F-45CB-A169-DAB4B1D864D7", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.10:*:*:*:*:*:*:*", "matchCriteriaId": "DC0AC68F-EC58-4C4F-8CBC-A59ECC00CCDE", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.11:*:*:*:*:*:*:*", "matchCriteriaId": "C123C844-F6D7-471E-A62E-F756042FB1CD", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.12:*:*:*:*:*:*:*", "matchCriteriaId": "A11C38BB-7FA2-49B0-AAC9-83DB387A06DB", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.13:*:*:*:*:*:*:*", "matchCriteriaId": "61F3733C-E5F6-4855-B471-DF3FB823613B", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.14:*:*:*:*:*:*:*", "matchCriteriaId": "1DDCA75F-9A06-4457-9A45-38A38E7F7086", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.15:*:*:*:*:*:*:*", "matchCriteriaId": "7AEA837E-7864-4003-8DB7-111ED710A7E1", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.16:*:*:*:*:*:*:*", "matchCriteriaId": "B6FE471F-2D1F-4A1D-A197-7E46B75787E1", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.17:*:*:*:*:*:*:*", "matchCriteriaId": "FDA9E6AB-58DC-4EC5-A25C-11F9D0B38BF7", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.18:*:*:*:*:*:*:*", "matchCriteriaId": "DC6B8DB3-B05B-41A2-B091-342D66AAE8F5", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.19:*:*:*:*:*:*:*", "matchCriteriaId": "958F0FF8-33EF-4A71-A0BD-572C85211DBA", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.20:*:*:*:*:*:*:*", "matchCriteriaId": "FBA39F48-B02F-4C48-B304-DA9CCA055244", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.21:*:*:*:*:*:*:*", "matchCriteriaId": "1FF841F3-48A7-41D7-9C45-A8170435A5EB", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.22:*:*:*:*:*:*:*", "matchCriteriaId": "EF506916-A6DC-4B1E-90E5-959492AF55F4", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.23:*:*:*:*:*:*:*", "matchCriteriaId": "B3CDAD1F-2C6A-48C0-8FAB-C2659373FA25", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.24:*:*:*:*:*:*:*", "matchCriteriaId": "4FFE4B22-C96A-43D0-B993-F51EDD9C5E0E", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.25:*:*:*:*:*:*:*", "matchCriteriaId": "F571CC8B-B212-4553-B463-1DB01D616E8A", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.26:*:*:*:*:*:*:*", "matchCriteriaId": "84E3E151-D437-48ED-A529-731EEFF88567", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.27:*:*:*:*:*:*:*", "matchCriteriaId": "E9E3EA3C-CCA5-4433-86E0-3D02C4757A0A", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.28:*:*:*:*:*:*:*", "matchCriteriaId": "F7AC4F7D-9FA6-4CF1-B2E9-70BF7D4D177C", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.29:*:*:*:*:*:*:*", "matchCriteriaId": "3CE3A80D-9648-43CC-8F99-D741ED6552BF", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.30:*:*:*:*:*:*:*", "matchCriteriaId": "C8A98C03-A465-41B4-A551-A26FEC7FFD94", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.31:*:*:*:*:*:*:*", "matchCriteriaId": "2FEFEB26-F810-4998-B3FB-1503A410DC18", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.32:*:*:*:*:*:*:*", "matchCriteriaId": "B7C3A120-3118-4BAA-902D-3916B52BC0D6", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.33:*:*:*:*:*:*:*", "matchCriteriaId": "BB849D68-728A-4251-A8EF-86880D899416", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.34:*:*:*:*:*:*:*", "matchCriteriaId": "DC95E791-7723-43B4-B201-F0800DD4E8B8", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.35:*:*:*:*:*:*:*", "matchCriteriaId": "0E19EBEF-1E81-4B5B-B9FA-FBBB7A175FA4", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.36:*:*:*:*:*:*:*", "matchCriteriaId": "0FB55642-480B-46BC-BEA4-509287AA6FAB", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.37:*:*:*:*:*:*:*", "matchCriteriaId": "FBFDF03D-79F0-43CD-9B4B-35202D6FCA06", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.38:*:*:*:*:*:*:*", "matchCriteriaId": "EB44B030-5A02-42A1-9913-5D4E01A2F1E1", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.39:*:*:*:*:*:*:*", "matchCriteriaId": "A1881D93-8E12-49BE-B685-956C3472F6F8", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.40:*:*:*:*:*:*:*", "matchCriteriaId": "8D2C30CC-FAE9-4CE9-B0C4-0910B51F3C84", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.41:*:*:*:*:*:*:*", "matchCriteriaId": "D35B09BB-6027-463D-8A9B-4EEE92921FA0", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.42:*:*:*:*:*:*:*", "matchCriteriaId": "1A2E2C3B-B2BC-4B33-A317-6CC25DCDA26D", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.43:*:*:*:*:*:*:*", "matchCriteriaId": "9B654B47-FDC4-4822-A535-4F93023DF9DD", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.44:*:*:*:*:*:*:*", "matchCriteriaId": "BA4FBF31-5002-4A1C-8139-29681A246B26", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:3.2.45:*:*:*:*:*:*:*", "matchCriteriaId": "8E767A54-CDEB-4E0B-B275-DC8267239568", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The bat_socket_read function in net/batman-adv/icmp_socket.c in the Linux kernel before 3.3 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted batman-adv ICMP packet."}, {"lang": "es", "value": "La funci\u00f3n bat_socket_read en net/batman-adv/icmp_socket.c en el kernel de Linux anterior a v3.3 permite a atacantes remotos causar una denegaci\u00f3n de servicio (consumo de memoria) o posiblemente tener otro impacto sin especificar a trav\u00e9s de paquetes batman-adv ICMP manipulados"}], "id": "CVE-2011-4604", "lastModified": "2024-11-21T01:32:38.707", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2013-06-07T14:03:18.347", "references": [{"source": "secalert@redhat.com", "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=b5a1eeef04cc7859f34dec9b72ea1b28e4aba07c"}, {"source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00005.html"}, {"source": "secalert@redhat.com", "tags": ["Patch"], "url": "http://www.kernel.org/pub/linux/kernel/v3.x/patch-3.3.bz2"}, {"source": "secalert@redhat.com", "url": "http://www.openwall.com/lists/oss-security/2011/12/12/1"}, {"source": "secalert@redhat.com", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=767495"}, {"source": "secalert@redhat.com", "tags": ["Exploit", "Patch"], "url": "https://github.com/torvalds/linux/commit/b5a1eeef04cc7859f34dec9b72ea1b28e4aba07c"}, {"source": "secalert@redhat.com", "url": "https://lists.open-mesh.org/pipermail/b.a.t.m.a.n/2011-December/005904.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=b5a1eeef04cc7859f34dec9b72ea1b28e4aba07c"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00005.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "http://www.kernel.org/pub/linux/kernel/v3.x/patch-3.3.bz2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2011/12/12/1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=767495"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Patch"], "url": "https://github.com/torvalds/linux/commit/b5a1eeef04cc7859f34dec9b72ea1b28e4aba07c"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.open-mesh.org/pipermail/b.a.t.m.a.n/2011-December/005904.html"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"acknowledgement": "Red Hat would like to thank Paul Kot for reporting this issue.", "bugzilla": {"description": "kernel: bat_socket_read memory corruption", "id": "767495", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=767495"}, "csaw": false, "cvss": {"cvss_base_score": "2.1", "cvss_scoring_vector": "AV:L/AC:L/Au:N/C:N/I:P/A:N", "status": "draft"}, "details": ["The bat_socket_read function in net/batman-adv/icmp_socket.c in the Linux kernel before 3.3 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted batman-adv ICMP packet."], "name": "CVE-2011-4604", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:4", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 4"}, {"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/a:redhat:enterprise_mrg:2", "fix_state": "Not affected", "package_name": "realtime-kernel", "product_name": "Red Hat Enterprise MRG 2"}], "public_date": "2011-12-10T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2011-4604\nhttps://nvd.nist.gov/vuln/detail/CVE-2011-4604"], "statement": "Not vulnerable. This issue did not affect the Linux kernels as shipped with Red Hat Enterprise Linux 4, 5, 6, and Red Hat Enterprise MRG as they did not include support for the BATMAN (Better Approach To Mobile Ad-hoc Networking) out-of-tree kernel module.", "threat_severity": "Low"}