Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveRedhatCVE-2011-2494
HistoryJun 13, 2012 - 10:24 a.m.

CVE-2011-2494

2012-06-1310:24:55
CWE-200
redhat
web.nvd.nist.gov
63
cve
linux kernel
taskstats.c
vulnerability
nvd
security
netlink socket
sensitive data
local user

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.6

Confidence

High

EPSS

0

Percentile

5.1%

JSON

kernel/taskstats.c in the Linux kernel before 3.1 allows local users to obtain sensitive I/O statistics by sending taskstats commands to a netlink socket, as demonstrated by discovering the length of another user’s password.

Affected configurations

Nvd
Node
linuxlinux_kernelRange3.0.34
OR
linuxlinux_kernelMatch3.0.1
OR
linuxlinux_kernelMatch3.0.2
OR
linuxlinux_kernelMatch3.0.3
OR
linuxlinux_kernelMatch3.0.4
OR
linuxlinux_kernelMatch3.0.5
OR
linuxlinux_kernelMatch3.0.6
OR
linuxlinux_kernelMatch3.0.7
OR
linuxlinux_kernelMatch3.0.8
OR
linuxlinux_kernelMatch3.0.9
OR
linuxlinux_kernelMatch3.0.10
OR
linuxlinux_kernelMatch3.0.11
OR
linuxlinux_kernelMatch3.0.12
OR
linuxlinux_kernelMatch3.0.13
OR
linuxlinux_kernelMatch3.0.14
OR
linuxlinux_kernelMatch3.0.15
OR
linuxlinux_kernelMatch3.0.16
OR
linuxlinux_kernelMatch3.0.17
OR
linuxlinux_kernelMatch3.0.18
OR
linuxlinux_kernelMatch3.0.19
OR
linuxlinux_kernelMatch3.0.20
OR
linuxlinux_kernelMatch3.0.21
OR
linuxlinux_kernelMatch3.0.22
OR
linuxlinux_kernelMatch3.0.23
OR
linuxlinux_kernelMatch3.0.24
OR
linuxlinux_kernelMatch3.0.25
OR
linuxlinux_kernelMatch3.0.26
OR
linuxlinux_kernelMatch3.0.27
OR
linuxlinux_kernelMatch3.0.28
OR
linuxlinux_kernelMatch3.0.29
OR
linuxlinux_kernelMatch3.0.30
OR
linuxlinux_kernelMatch3.0.31
OR
linuxlinux_kernelMatch3.0.32
OR
linuxlinux_kernelMatch3.0.33
VendorProductVersionCPE
linuxlinux_kernel3.0.4cpe:/o:linux:linux_kernel:3.0.4:::
linuxlinux_kernel3.0.7cpe:/o:linux:linux_kernel:3.0.7:::
linuxlinux_kernel3.0.22cpe:/o:linux:linux_kernel:3.0.22:::
linuxlinux_kernel3.0.33cpe:/o:linux:linux_kernel:3.0.33:::
linuxlinux_kernel3.0.18cpe:/o:linux:linux_kernel:3.0.18:::
linuxlinux_kernel3.0.1cpe:/o:linux:linux_kernel:3.0.1:::
linuxlinux_kernel3.0.25cpe:/o:linux:linux_kernel:3.0.25:::
linuxlinux_kernel3.0.3cpe:/o:linux:linux_kernel:3.0.3:::
linuxlinux_kernel3.0.9cpe:/o:linux:linux_kernel:3.0.9:::
linuxlinux_kernel3.0.17cpe:/o:linux:linux_kernel:3.0.17:::
Rows per page:
1-10 of 341

Related

cvelist 1
ubuntucve 1
veracode 1
nessus 34
prion 1
openvas 49
nvd 1
ubuntu 15
redhat 3
centos 1
oraclelinux 5
suse 6
securityvulns 2
amazon 1
cvelist
cvelist
CVE-2011-2494
2012-06-13 10:00:00
ubuntucve
ubuntucve
CVE-2011-2494
2011-10-03 00:00:00
veracode
veracode
Information Disclosure
2020-04-10 01:08:17
nessus
nessus
USN-1260-1 : linux-ti-omap4 vulnerability
2011-11-15 00:00:00
Ubuntu 11.10 : linux vulnerability (USN-1275-1)
2011-11-22 00:00:00
Ubuntu 8.04 LTS : linux vulnerabilities (USN-1236-1)
2011-10-21 00:00:00
prion
prion
Design/Logic Flaw
2012-06-13 10:24:00
openvas
openvas
Ubuntu Update for linux USN-1275-1
2012-03-16 00:00:00
Ubuntu Update for linux-ti-omap4 USN-1260-1
2012-03-16 00:00:00
Ubuntu: Security Advisory (USN-1275-1)
2012-03-16 00:00:00
nvd
nvd
CVE-2011-2494
2012-06-13 10:24:55
ubuntu
ubuntu
Linux kernel vulnerability
2011-11-21 00:00:00
Linux kernel (OMAP4) vulnerability
2011-11-14 00:00:00
Linux kernel vulnerabilities
2011-10-20 00:00:00
redhat
redhat
(RHSA-2011:1479) Important: kernel security, bug fix, and enhancement update
2011-11-29 00:00:00
(RHSA-2011:1465) Important: kernel security and bug fix update
2011-11-22 00:00:00
(RHSA-2012:0010) Important: kernel-rt security and bug fix update
2012-01-10 00:00:00
centos
centos
kernel security update
2011-11-30 10:33:41
oraclelinux
oraclelinux
kernel security, bug fix, and enhancement update
2011-11-29 00:00:00
kernel security and bug fix update
2011-11-22 00:00:00
Unbreakable Enterprise kernel security update
2011-11-25 00:00:00
suse
suse
Security update for Linux kernel (important)
2012-10-24 09:08:54
Security update for the Linux Kernel (important)
2012-02-06 15:08:23
Security update for Linux kernel (important)
2012-04-23 22:08:26
securityvulns
securityvulns
[USN-1281-1] Linux (OMAP4) vulnerabilities
2011-11-27 00:00:00
Linux kernel multiple security vulnerabilities
2011-11-27 00:00:00
amazon
amazon
Medium: kernel
2011-12-02 22:23:00

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.6

Confidence

High

EPSS

0

Percentile

5.1%

JSON
Related for CVE-2011-2494
cvelist1ubuntucve1veracode1nessus34prion1openvas49nvd1ubuntu15redhat3centos1oraclelinux5suse6securityvulns2amazon1