Lucene search

RedhatCVE-2011-4915

HistoryFeb 20, 2020 - 6:15 p.m.

CVE-2011-4915

2020-02-2018:15:11

CWE-200

redhat

web.nvd.nist.gov

linux

kernel

vulnerability

/proc

interrupts

cve-2011-4915

nvd

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

AI Score

5.2

Confidence

High

EPSS

Percentile

5.1%

JSON

fs/proc/base.c in the Linux kernel through 3.1 allows local users to obtain sensitive keystroke information via access to /proc/interrupts.

Affected configurations

Nvd

Vulners

Node

linuxlinux_kernelRange≤3.1

Node

canonicalubuntu_linuxMatch14.04esm

Node

debiandebian_linuxMatch8.0

debiandebian_linuxMatch9.0

debiandebian_linuxMatch10.0

VendorProductVersionCPE
linuxlinux_kernel*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
canonicalubuntu_linux14.04cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
debiandebian_linux8.0cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
debiandebian_linux9.0cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
debiandebian_linux10.0cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
linux	linux_kernel	*	cpe:2.3:o:linux:linux_kernel::::::::
canonical	ubuntu_linux	14.04	cpe:2.3:o:canonical:ubuntu_linux:14.04::::esm:::
debian	debian_linux	8.0	cpe:2.3:o:debian:debian_linux:8.0:::::::*
debian	debian_linux	9.0	cpe:2.3:o:debian:debian_linux:9.0:::::::*
debian	debian_linux	10.0	cpe:2.3:o:debian:debian_linux:10.0:::::::*

CNA Affected

[
  {
    "product": "Linux kernel",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "through 3.1"
      }
    ]
  }
]

References

git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0499680a42141d86417a8fbaa8c8db806bea1201

git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=a2ef990ab5a6705a356d146dd773a3b359787497

people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-4915.html

www.openwall.com/lists/oss-security/2011/11/07/9

lkml.org/lkml/2011/11/7/340

seclists.org/oss-sec/2011/q4/571

security-tracker.debian.org/tracker/CVE-2011-4915

vigilance.fr/vulnerability/Linux-kernel-information-disclosure-about-keyboard-11131

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

AI Score

5.2

Confidence

High

EPSS

Percentile

5.1%

JSON

Related for CVE-2011-4915