Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2011-1044

Опубликовано: 08 дек. 2010
Источник: redhat
CVSS2: 6.9
EPSS Низкий

Описание

The ib_uverbs_poll_cq function in drivers/infiniband/core/uverbs_cmd.c in the Linux kernel before 2.6.37 does not initialize a certain response buffer, which allows local users to obtain potentially sensitive information from kernel memory via vectors that cause this buffer to be only partially filled, a different vulnerability than CVE-2010-4649.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 4kernelAffected
MRG for RHEL-5kernel-rtFixedRHSA-2011:033010.03.2011
Red Hat Enterprise Linux 5kernelFixedRHSA-2011:092715.07.2011
Red Hat Enterprise Linux 6kernelFixedRHSA-2011:049810.05.2011

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Important
https://bugzilla.redhat.com/show_bug.cgi?id=667916kernel: IB/uverbs: Handle large number of entries in poll CQ

EPSS

Процентиль: 19%
0.00059
Низкий

6.9 Medium

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2011-1044

ubuntu
больше 14 лет назад

The ib_uverbs_poll_cq function in drivers/infiniband/core/uverbs_cmd.c in the Linux kernel before 2.6.37 does not initialize a certain response buffer, which allows local users to obtain potentially sensitive information from kernel memory via vectors that cause this buffer to be only partially filled, a different vulnerability than CVE-2010-4649.

nvd логотип

CVE-2011-1044

nvd
больше 14 лет назад

The ib_uverbs_poll_cq function in drivers/infiniband/core/uverbs_cmd.c in the Linux kernel before 2.6.37 does not initialize a certain response buffer, which allows local users to obtain potentially sensitive information from kernel memory via vectors that cause this buffer to be only partially filled, a different vulnerability than CVE-2010-4649.

debian логотип

CVE-2011-1044

debian
больше 14 лет назад

The ib_uverbs_poll_cq function in drivers/infiniband/core/uverbs_cmd.c ...

github логотип

GHSA-r7qr-vhfp-52c9

github
около 3 лет назад

The ib_uverbs_poll_cq function in drivers/infiniband/core/uverbs_cmd.c in the Linux kernel before 2.6.37 does not initialize a certain response buffer, which allows local users to obtain potentially sensitive information from kernel memory via vectors that cause this buffer to be only partially filled, a different vulnerability than CVE-2010-4649.

oracle-oval логотип

ELSA-2011-2015

oracle-oval
около 14 лет назад

ELSA-2011-2015: Oracle Linux 6 Unbreakable Enterprise kernel security fix update (IMPORTANT)

EPSS

Процентиль: 19%
0.00059
Низкий

6.9 Medium

CVSS2

Уязвимость CVE-2011-1044