CVE-2011-2209

Published Jun 13, 2012

Last updated 2 years ago

CVSS info 2.1

Overview

Description: Integer signedness error in the osf_sysinfo function in arch/alpha/kernel/osf_sys.c in the Linux kernel before 2.6.39.4 on the Alpha platform allows local users to obtain sensitive information from kernel memory via a crafted call.
Source: secalert@redhat.com
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 2.1
Impact score: 2.9
Exploitability score: 3.9
Vector string: AV:L/AC:L/Au:N/C:N/I:N/A:P

Weaknesses

nvd@nist.gov: CWE-189

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "94597E40-EA22-414E-BF5A-A4664E943F09",
            "versionEndIncluding": "2.6.39.3"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.39:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EAAF54BC-6282-492F-BA52-8792223320ED"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.39:rc1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2493C2FB-2BA1-4DB3-BC04-E282C9CD399D"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.39:rc2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "18DBC8AF-18ED-4879-8888-23022E494D14"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.39:rc3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "75EB375B-8ADF-4EAB-A3FB-ED5D35E5E719"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.39:rc4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D49BB231-622E-4F20-97C8-E6289933912C"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.39:rc5:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2D6859AA-DA7F-4AF9-8443-05962171D6E3"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.39:rc6:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9B79A89D-F048-48C5-B148-4B38A6C3953B"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.39:rc7:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BEBA9217-9105-4BA3-BE1E-FE387FECEF87"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.39.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1713DDF4-33F1-4716-84D7-FCFECCF9BCCA"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.39.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "ABCE5879-317D-4A33-B6DA-A9ACF553F8E9"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References