2.1 CVE-2011-2208
Exploit Patch
Integer signedness error in the osf_getdomainname function in arch/alpha/kernel/osf_sys.c in the Linux kernel before 2.6.39.4 on the Alpha platform allows local users to obtain sensitive information from kernel memory via a crafted call.
https://nvd.nist.gov/vuln/detail/CVE-2011-2208
Categories
CWE-189
References
CONFIRM Patch Exploit
http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39.4 |
https://github.com/torvalds/linux/commit/21c5977a836e399fc710ff2c5367845ed5c2527f Exploit Patch |
MISC
_MLIST
CPE
cpe | start | end |
---|---|---|
Configuration 1 | ||
cpe:2.3:o:linux:linux_kernel:2.6.39:rc7:*:*:*:*:*:* | ||
cpe:2.3:o:linux:linux_kernel:2.6.39:rc6:*:*:*:*:*:* | ||
cpe:2.3:o:linux:linux_kernel:2.6.39:rc4:*:*:*:*:*:* | ||
cpe:2.3:o:linux:linux_kernel:2.6.39.1:*:*:*:*:*:*:* | ||
cpe:2.3:o:linux:linux_kernel:2.6.39:rc1:*:*:*:*:*:* | ||
cpe:2.3:o:linux:linux_kernel:2.6.39:rc3:*:*:*:*:*:* | ||
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | <= 2.6.39.3 | |
cpe:2.3:o:linux:linux_kernel:2.6.39:*:*:*:*:*:*:* | ||
cpe:2.3:o:linux:linux_kernel:2.6.39:rc2:*:*:*:*:*:* | ||
cpe:2.3:o:linux:linux_kernel:2.6.39.2:*:*:*:*:*:*:* | ||
cpe:2.3:o:linux:linux_kernel:2.6.39:rc5:*:*:*:*:*:* |
REMEDIATION
Patch
Url |
---|
https://github.com/torvalds/linux/commit/21c5977a836e399fc710ff2c5367845ed5c2527f |
EXPLOITS
Exploit-db.com
id | description | date | |
---|---|---|---|
No known exploits |
Other (github, ...)
Url |
---|
https://github.com/torvalds/linux/commit/21c5977a836e399fc710ff2c5367845ed5c2527f |
CAPEC
Common Attack Pattern Enumerations and Classifications
id | description | severity |
---|---|---|
No entry |
MITRE
Sherlock® flash
Take a picture of your computer network in a few clicks !
The Sherlock® flash audit solution allows you to perform an audit to strengthen the security of your IT assets. Vulnerability analysis of your physical and virtual equipment. Patch planning by priority level and time available. Detailed and intuitive reporting.
