Skip to main content

NULL Pointer Dereference

CVE-2011-1748

Severity Medium
Score 4.9/10

Summary

The raw_release function in net/can/raw.c in the Linux kernel before 2.6.39-rc6 does not properly validate a socket data structure, which allows local users to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via a crafted release operation.

  • LOW
  • LOCAL
  • NONE
  • NONE
  • NONE
  • COMPLETE

CWE-476 - NULL Pointer Dereference

A NULL pointer dereference occurs when the application dereferences a pointer that it expects to be valid, but is NULL, typically causing a crash or exit.

References

Advisory Timeline

  • Published