Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2011-1021

Опубликовано: 22 фев. 2011
Источник: redhat
CVSS2: 6
EPSS Низкий

Описание

drivers/acpi/debugfs.c in the Linux kernel before 3.0 allows local users to modify arbitrary kernel memory locations by leveraging root privileges to write to the /sys/kernel/debug/acpi/custom_method file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-4347.

Отчет

The version of Linux kernel as shipped with Red Hat Enterprise Linux 4, 5, and 6 as they did not include upstream commit a1a541d8 and a25ee920 that introduced the problem. This has been addressed in Red Hat Enterprise MRG via https://rhn.redhat.com/errata/RHSA-2011-1253.html. Notes: This requires debugfs to be mounted on a local system in order to have access to the custom_method file. Debugfs is not mounted by default. You need to run "mount -t debugfs nodev /sys/kernel/debug" as root first.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 4kernelNot affected
Red Hat Enterprise Linux 5kernelNot affected
Red Hat Enterprise Linux 6kernelNot affected
Red Hat Enterprise MRG 2kernel-rtFixedRHSA-2011:125312.09.2011

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
https://bugzilla.redhat.com/show_bug.cgi?id=680841kernel: /sys/kernel/debug/acpi/custom_method can bypass module restrictions

EPSS

Процентиль: 39%
0.00169
Низкий

6 Medium

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2011-1021

ubuntu
больше 13 лет назад

drivers/acpi/debugfs.c in the Linux kernel before 3.0 allows local users to modify arbitrary kernel memory locations by leveraging root privileges to write to the /sys/kernel/debug/acpi/custom_method file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-4347.

nvd логотип

CVE-2011-1021

nvd
больше 13 лет назад

drivers/acpi/debugfs.c in the Linux kernel before 3.0 allows local users to modify arbitrary kernel memory locations by leveraging root privileges to write to the /sys/kernel/debug/acpi/custom_method file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-4347.

debian логотип

CVE-2011-1021

debian
больше 13 лет назад

drivers/acpi/debugfs.c in the Linux kernel before 3.0 allows local use ...

github логотип

GHSA-42f2-xvqw-p5x2

github
больше 3 лет назад

drivers/acpi/debugfs.c in the Linux kernel before 3.0 allows local users to modify arbitrary kernel memory locations by leveraging root privileges to write to the /sys/kernel/debug/acpi/custom_method file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-4347.

EPSS

Процентиль: 39%
0.00169
Низкий

6 Medium

CVSS2