Lucene search

RedhatCVE-2011-2208

HistoryJun 13, 2012 - 10:24 a.m.

CVE-2011-2208

2012-06-1310:24:54

CWE-189

redhat

web.nvd.nist.gov

cve-2011-2208

information security

linux kernel

alpha platform

memory disclosure

integer signedness error

nvd

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

AI Score

7.7

Confidence

High

EPSS

Percentile

5.1%

JSON

Integer signedness error in the osf_getdomainname function in arch/alpha/kernel/osf_sys.c in the Linux kernel before 2.6.39.4 on the Alpha platform allows local users to obtain sensitive information from kernel memory via a crafted call.

Affected configurations

Nvd

Node

linuxlinux_kernelRange≤2.6.39.3

linuxlinux_kernelMatch2.6.39

linuxlinux_kernelMatch2.6.39rc1

linuxlinux_kernelMatch2.6.39rc2

linuxlinux_kernelMatch2.6.39rc3

linuxlinux_kernelMatch2.6.39rc4

linuxlinux_kernelMatch2.6.39rc5

linuxlinux_kernelMatch2.6.39rc6

linuxlinux_kernelMatch2.6.39rc7

linuxlinux_kernelMatch2.6.39.1

linuxlinux_kernelMatch2.6.39.2

VendorProductVersionCPE
linuxlinux_kernel*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
linuxlinux_kernel2.6.39cpe:2.3:o:linux:linux_kernel:2.6.39:*:*:*:*:*:*:*
linuxlinux_kernel2.6.39cpe:2.3:o:linux:linux_kernel:2.6.39:rc1:*:*:*:*:*:*
linuxlinux_kernel2.6.39cpe:2.3:o:linux:linux_kernel:2.6.39:rc2:*:*:*:*:*:*
linuxlinux_kernel2.6.39cpe:2.3:o:linux:linux_kernel:2.6.39:rc3:*:*:*:*:*:*
linuxlinux_kernel2.6.39cpe:2.3:o:linux:linux_kernel:2.6.39:rc4:*:*:*:*:*:*
linuxlinux_kernel2.6.39cpe:2.3:o:linux:linux_kernel:2.6.39:rc5:*:*:*:*:*:*
linuxlinux_kernel2.6.39cpe:2.3:o:linux:linux_kernel:2.6.39:rc6:*:*:*:*:*:*
linuxlinux_kernel2.6.39cpe:2.3:o:linux:linux_kernel:2.6.39:rc7:*:*:*:*:*:*
linuxlinux_kernel2.6.39.1cpe:2.3:o:linux:linux_kernel:2.6.39.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
linux	linux_kernel	*	cpe:2.3:o:linux:linux_kernel::::::::
linux	linux_kernel	2.6.39	cpe:2.3:o:linux:linux_kernel:2.6.39:::::::*
linux	linux_kernel	2.6.39	cpe:2.3:o:linux:linux_kernel:2.6.39:rc1::::::
linux	linux_kernel	2.6.39	cpe:2.3:o:linux:linux_kernel:2.6.39:rc2::::::
linux	linux_kernel	2.6.39	cpe:2.3:o:linux:linux_kernel:2.6.39:rc3::::::
linux	linux_kernel	2.6.39	cpe:2.3:o:linux:linux_kernel:2.6.39:rc4::::::
linux	linux_kernel	2.6.39	cpe:2.3:o:linux:linux_kernel:2.6.39:rc5::::::
linux	linux_kernel	2.6.39	cpe:2.3:o:linux:linux_kernel:2.6.39:rc6::::::
linux	linux_kernel	2.6.39	cpe:2.3:o:linux:linux_kernel:2.6.39:rc7::::::
linux	linux_kernel	2.6.39.1	cpe:2.3:o:linux:linux_kernel:2.6.39.1:::::::*

Rows per page:

1-10 of 111

References

ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39.4

git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=21c5977a836e399fc710ff2c5367845ed5c2527f

www.openwall.com/lists/oss-security/2011/06/15/7

github.com/torvalds/linux/commit/21c5977a836e399fc710ff2c5367845ed5c2527f

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

AI Score

7.7

Confidence

High

EPSS

Percentile

5.1%

JSON

Related for CVE-2011-2208