Improper Validation of Array Index

CVE-2011-1169

High

7.2/10

Summary

Array index error in the asihpi_hpi_ioctl function in sound/pci/asihpi/hpioctl.c in the AudioScience HPI driver in the Linux kernel before 2.6.38.1 might allow local users to cause a denial of service (memory corruption) or possibly gain privileges via a crafted adapter index value that triggers access to an invalid kernel pointer.

Access Complexity: LOW
AccessVector: LOCAL
Authentication: NONE
Integrity Impact: COMPLETE
Confidentiality Impact: COMPLETE
Availability Impact: COMPLETE

CWE-129 - Improper Validation of Array Index

The product uses untrusted input when calculating or using an array index, but the product does not validate or incorrectly validates the index to ensure the index references a valid position within the array.

References

Advisory Timeline

Published May 03, 2011

Improper Validation of Array Index

CVE-2011-1169

Summary

CWE-129 - Improper Validation of Array Index

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS