CVE-2011-2494

Published: Jun 13, 2012

Modified: Aug 6, 2024

PUBLISHED

Description

kernel/taskstats.c in the Linux kernel before 3.1 allows local users to obtain sensitive I/O statistics by sending taskstats commands to a netlink socket, as demonstrated by discovering the length of another user's password.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

[oss-security] 20110627 Re: CVE request: kernel: taskstats/procfs io infoleak

mailing-list

x_refsource_MLIST

SUSE-SU-2012:0554

vendor-advisory

x_refsource_SUSE

48898

third-party-advisory

x_refsource_SECUNIA

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=1a51410abe7d0ee4b1d112780f46df87d3621043

x_refsource_CONFIRM

https://github.com/torvalds/linux/commit/1a51410abe7d0ee4b1d112780f46df87d3621043

x_refsource_CONFIRM

https://bugzilla.redhat.com/show_bug.cgi?id=716842

x_refsource_CONFIRM

http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.1

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2011-2494

Description

Affected Products

References