Lucene search

PRIOn knowledge basePRION:CVE-2011-0006

HistoryJun 21, 2012 - 11:55 p.m.

Design/Logic Flaw

2012-06-2123:55:00

PRIOn knowledge base

www.prio-n.com

6.5 Medium

AI Score

Confidence

Low

1.9 Low

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:M/Au:N/C:N/I:P/A:N

0.0004 Low

EPSS

Percentile

5.4%

JSON

The ima_lsm_rule_init function in security/integrity/ima/ima_policy.c in the Linux kernel before 2.6.37, when the Linux Security Modules (LSM) framework is disabled, allows local users to bypass Integrity Measurement Architecture (IMA) rules in opportunistic circumstances by leveraging an administrator’s addition of an IMA rule for LSM.

CPENameOperatorVersion
linux_kernelle2.6.36.4
linux_kerneleq2.6.36.3
linux_kerneleq2.6.36.1
linux_kerneleq2.6.36.2

Name	Operator	Version
linux_kernel	le	2.6.36.4
linux_kernel	eq	2.6.36.3
linux_kernel	eq	2.6.36.1
linux_kernel	eq	2.6.36.2

References

ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.37

git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=867c20265459d30a01b021a9c1e81fb4c5832aa9

www.openwall.com/lists/oss-security/2011/01/06/18

bugzilla.redhat.com/show_bug.cgi?id=667912

github.com/torvalds/linux/commit/867c20265459d30a01b021a9c1e81fb4c5832aa9

6.5 Medium

AI Score

Confidence

Low

1.9 Low

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:M/Au:N/C:N/I:P/A:N

0.0004 Low

EPSS

Percentile

5.4%

JSON

Related for PRION:CVE-2011-0006