VYPR
← All advisories
Unrated severityNVD Advisory· Published Jun 21, 2012· Updated Apr 29, 2026

CVE-2011-1079

CVE-2011-1079

Description

The bnep_sock_ioctl function in net/bluetooth/bnep/sock.c in the Linux kernel before 2.6.39 does not ensure that a certain device field ends with a '\0' character, which allows local users to obtain potentially sensitive information from kernel stack memory, or cause a denial of service (BUG and system crash), via a BNEPCONNADD command.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

18
  • Linux/Kernel18 versions
    cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*+ 17 more
    • cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*range: <=2.6.38.8
    • cpe:2.3:o:linux:linux_kernel:2.6.38:*:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:2.6.38.1:*:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:2.6.38.2:*:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:2.6.38.3:*:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:2.6.38.4:*:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:2.6.38.5:*:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:2.6.38.6:*:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:2.6.38.7:*:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:2.6.38:rc1:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:2.6.38:rc2:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:2.6.38:rc3:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:2.6.38:rc4:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:2.6.38:rc5:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:2.6.38:rc6:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:2.6.38:rc7:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:2.6.38:rc8:*:*:*:*:*:*
    • (no CPE)range: <2.6.39

Patches

Vulnerability mechanics

Generated on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.

References

8

News mentions

0

No linked articles in our index yet.