Vulnerabilities > CVE-2011-2209 - Numeric Errors vulnerability in Linux Kernel
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Integer signedness error in the osf_sysinfo function in arch/alpha/kernel/osf_sys.c in the Linux kernel before 2.6.39.4 on the Alpha platform allows local users to obtain sensitive information from kernel memory via a crafted call.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Nessus
NASL family | Debian Local Security Checks |
NASL id | DEBIAN_DSA-2310.NASL |
description | Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leak. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2009-4067 Rafael Dominguez Vega of MWR InfoSecurity reported an issue in the auerswald module, a driver for Auerswald PBX/System Telephone USB devices. Attackers with physical access to a system |
last seen | 2020-03-17 |
modified | 2011-09-26 |
plugin id | 56285 |
published | 2011-09-26 |
reporter | This script is Copyright (C) 2011-2020 and is owned by Tenable, Inc. or an Affiliate thereof. |
source | https://www.tenable.com/plugins/nessus/56285 |
title | Debian DSA-2310-1 : linux-2.6 - privilege escalation/denial of service/information leak |
References
- http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39.4
- https://github.com/torvalds/linux/commit/21c5977a836e399fc710ff2c5367845ed5c2527f
- http://www.openwall.com/lists/oss-security/2011/06/15/7
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=21c5977a836e399fc710ff2c5367845ed5c2527f