Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 394601 (CVE-2011-4604)

Summary: Kernel: B.A.T.M.A.N. "bat_socket_read()" Buffer Overflow Vulnerability (CVE-2011-4604)
Product: Gentoo Security Reporter: Agostino Sarubbo <ago>
Component: KernelAssignee: Gentoo Kernel Security <security-kernel>
Status: RESOLVED FIXED    
Severity: normal CC: kernel
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: https://secunia.com/advisories/47199/
Whiteboard:
Package list:
Runtime testing required: ---

Description Agostino Sarubbo gentoo-dev 2011-12-13 19:52:26 UTC 
From secunia security advisory at $URL:

Description:
The vulnerability is caused due to a boundary error within the "bat_socket_read()" function (net/batman/icmp_socket.c), which can be exploited to cause a userspace buffer overflow by sending specially crafted packets to a vulnerable system.

The vulnerability is reported in version 2.6.39.4. Other versions may also be affected.

Solution:
Fixed in the GIT repository.
1)http://git.open-mesh.org/?p=batman-adv.git;a=commitdiff;h=201371597326fcd8118be4000954ff9ba8fd0ccd

2)http://git.open-mesh.org/?p=batman-adv.git;a=commitdiff;h=d22e13c6c380261cf0b13d34e6412a1e393b5197
Comment 1 GLSAMaker/CVETool Bot gentoo-dev 2013-08-30 01:44:32 UTC 
CVE-2011-4604 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4604):
  The bat_socket_read function in net/batman-adv/icmp_socket.c in the Linux
  kernel before 3.3 allows remote attackers to cause a denial of service
  (memory corruption) or possibly have unspecified other impact via a crafted
  batman-adv ICMP packet.
Comment 2 Aaron Bauman (RETIRED) gentoo-dev 2018-04-04 17:45:34 UTC 
There are no longer any 2.x or <3.3 kernels available in the repository with the exception of sys-kernel/xbox-sources which is unsupported by security.