5 matches found
CVE-2011-2495
CVE-2011-2495 affects the Linux kernel prior to 2.6.39.4. The issue is in fs/proc/base.c where access to /proc/#####/io is insufficiently restricted, allowing local users to poll a file and infer sensitive I/O statistics (e.g., length of another user’s password). The MiracleLinux advisories refer...
CVE-2011-2209
The CVE-2011-2209 issue affects the Linux kernel on the Alpha architecture, where an integer signedness error in osf_sysinfo (arch/alpha/kernel/osf_sys.c) could allow local users to obtain sensitive information from kernel memory via a crafted call. Vulnerable when using kernel versions before 2....
CVE-2011-2211
CVE-2011-2211 concerns the Linux kernel on the Alpha architecture. The vulnerability lies in the osf_wait4 function (arch/alpha/kernel/osf_sys.c), where an incorrect pointer is used in versions prior to 2.6.39.4. This can allow local users to gain elevated privileges by writing a specific integer...
CVE-2011-2208
The CVE-2011-2208 vulnerability affects the Linux kernel on the Alpha platform, caused by an integer signedness error in osf_getdomainname in arch/alpha/kernel/osf_sys.c. It allows local users to access sensitive kernel memory. Impact is limited to local exploitation with partial confidentiality ...
CVE-2011-2210
The CVE-2011-2210 issue affects the Linux kernel on the Alpha platform, where osf_getsysinfo in arch/alpha/kernel/osf_sys.c does not properly bound the data size for GSI_GET_HWRPB, enabling local users to read kernel memory. Public sources confirm the root cause is improper data size restriction ...