CVE-2011-2480

NameCVE-2011-2480
DescriptionInformation Disclosure vulnerability in the 802.11 stack, as used in FreeBSD before 8.2 and NetBSD when using certain non-x86 architectures. A signedness error in the IEEE80211_IOC_CHANINFO ioctl allows a local unprivileged user to cause the kernel to copy large amounts of kernel memory back to the user, disclosing potentially sensitive information.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub code/issues, web search, more)
NVD severitymedium
Debian Bugs631160, 631161

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
kfreebsd-7source(unstable)(unfixed)
kfreebsd-8source(unstable)8.2-3631161
kfreebsd-8sourcesqueeze8.1+dfsg-8+squeeze1
kfreebsd-9source(unstable)9.0~svn223502-1631160

Search for package or bug name: Reporting problems