Vulnerabilities > CVE-2011-2208 - Numeric Errors vulnerability in Linux Kernel
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Integer signedness error in the osf_getdomainname function in arch/alpha/kernel/osf_sys.c in the Linux kernel before 2.6.39.4 on the Alpha platform allows local users to obtain sensitive information from kernel memory via a crafted call.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
References
- http://www.openwall.com/lists/oss-security/2011/06/15/7
- http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39.4
- https://github.com/torvalds/linux/commit/21c5977a836e399fc710ff2c5367845ed5c2527f
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=21c5977a836e399fc710ff2c5367845ed5c2527f