QwikSec

Security Database

CVE

CWE

Training

CVE-2011-0006

Published: Jun 21, 2012

Modified: Aug 6, 2024

PUBLISHED

Description

The ima_lsm_rule_init function in security/integrity/ima/ima_policy.c in the Linux kernel before 2.6.37, when the Linux Security Modules (LSM) framework is disabled, allows local users to bypass Integrity Measurement Architecture (IMA) rules in opportunistic circumstances by leveraging an administrator's addition of an IMA rule for LSM.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

[oss-security] 20110106 Re: CVE Request: kernel [Re: Security review of 2.6.32.28]

mailing-list

x_refsource_MLIST

https://bugzilla.redhat.com/show_bug.cgi?id=667912

x_refsource_CONFIRM

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=867c20265459d30a01b021a9c1e81fb4c5832aa9

x_refsource_CONFIRM

http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.37

x_refsource_CONFIRM

https://github.com/torvalds/linux/commit/867c20265459d30a01b021a9c1e81fb4c5832aa9

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

CVE-2011-0006 - Security Vulnerability | QwikSec