CVE-2011-2494

Published Jun 13, 2012
Last updated 2 years ago
CVSS info 2.1
Overview

Description: kernel/taskstats.c in the Linux kernel before 3.1 allows local users to obtain sensitive I/O statistics by sending taskstats commands to a netlink socket, as demonstrated by discovering the length of another user's password.
Source: secalert@redhat.com
NVD status: Modified
Risk scores

CVSS 2.0

Type: Primary
Base score: 2.1
Impact score: 2.9
Exploitability score: 3.9
Vector string: AV:L/AC:L/Au:N/C:P/I:N/A:N
Weaknesses

nvd@nist.gov: CWE-200
Hype score: Not currently trending
Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2C8D5D79-7C04-470B-BBE8-339D4E176451",
            "versionEndIncluding": "3.0.34"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:3.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "38989541-2360-4E0A-AE5A-3D6144AA6114"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:3.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4E51646B-7A0E-40F3-B8C9-239C1DA81DD1"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:3.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "42A8A507-F8E2-491C-A144-B2448A1DB26E"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:3.0.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "901FC6F3-2C2A-4112-AE27-AB102BBE8DEE"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:3.0.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "203AD334-DB9F-41B0-A4D1-A6C158EF8C40"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:3.0.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B3611753-E440-410F-8250-600C996A4B8E"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:3.0.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9739BB47-EEAF-42F1-A557-2AE2EA9526A3"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:3.0.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5A95E3BB-0AFC-4C2E-B9BE-C975E902A266"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:3.0.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "482A6C9A-9B8E-4D1C-917A-F16370745E7C"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:3.0.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C6D87357-63E0-41D0-9F02-1BCBF9A77E63"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:3.0.11:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3765A2D6-2D78-4FB1-989E-D5106BFA3F5E"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:3.0.12:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F54257DB-7023-43C4-AC4D-9590B815CD92"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:3.0.13:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "61FF5FCD-A4A1-4803-AC53-320A4C838AF6"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:3.0.14:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9F096553-064F-46A2-877B-F32F163A0F49"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:3.0.15:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C0D762D1-E3AD-40EA-8D39-83EEB51B5E85"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:3.0.16:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A6187D19-7148-4B87-AD7E-244FF9EE0FA6"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:3.0.17:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "99AC64C2-E391-485C-9CD7-BA09C8FA5E63"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:3.0.18:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8CDA5E95-7805-441B-BEF7-4448EA45E964"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:3.0.19:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "51561053-6C28-4F38-BC9B-3F7A7508EB72"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:3.0.20:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "118F4A5B-C498-4FC3-BE28-50D18EBE4F22"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:3.0.21:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BD38EBE6-FE1A-4B55-9FB5-07952253B7A5"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:3.0.22:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3A491E47-82AD-4055-9444-2EC0D6715326"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:3.0.23:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "13C5FD16-23B6-467F-9438-5B554922F974"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:3.0.24:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9C67235F-5B51-4BF7-89EC-4810F720246F"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:3.0.25:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "08405DEF-05F4-45F0-AC95-DBF914A36D93"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:3.0.26:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1A7B9C4B-4A41-4175-9F07-191C1EE98C1F"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:3.0.27:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B306E0A8-4D4A-4895-8128-A500D30A7E0C"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:3.0.28:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "295C839A-F34E-4853-A926-55EABC639412"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:3.0.29:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2AFD5F49-7EF9-4CFE-95BD-8FD19B500B0A"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:3.0.30:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "00B3DDDD-B2F6-4753-BA38-65A24017857D"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:3.0.31:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "33FCD39E-F4BF-432D-9CF9-F195CF5844F3"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:3.0.32:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C7308690-CB0D-4758-B80F-D2ADCD2A9D66"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:3.0.33:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "313A470B-8A2B-478A-82B5-B27D2718331C"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]
Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References
