Back to search
CVE-2011-2492
Published: Jul 28, 2011
Modified: Aug 6, 2024
PUBLISHED
Description
The bluetooth subsystem in the Linux kernel before 3.0-rc4 does not properly initialize certain data structures, which allows local users to obtain potentially sensitive information from kernel memory via a crafted getsockopt system call, related to (1) the l2cap_sock_getsockopt_old function in net/bluetooth/l2cap_sock.c and (2) the rfcomm_sock_getsockopt_old function in net/bluetooth/rfcomm/sock.c.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
RHSA-2011:0927
vendor-advisory
x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=703019
x_refsource_CONFIRM
http://www.kernel.org/pub/linux/kernel/v3.0/testing/ChangeLog-3.0-rc4
x_refsource_CONFIRM
[oss-security] 20110624 Re: CVE request: kernel: bluetooth: l2cap and rfcomm: fix 1 byte infoleak to userspace
mailing-list
x_refsource_MLIST
1025778
vdb-entry
x_refsource_SECTRACK
[oss-security] 20110624 CVE request: kernel: bluetooth: l2cap and rfcomm: fix 1 byte infoleak to userspace
mailing-list
x_refsource_MLIST
[linux-bluetooth] 20110508 Bluetooth: l2cap and rfcomm: fix 1 byte infoleak to userspace.
mailing-list
x_refsource_MLIST
HPSBGN02970
vendor-advisory
x_refsource_HP
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now