Published: 24/05/2012 Updated: 13/02/2023

CVSS v2 Base Score: 4.9 | Impact Score: 6.9 | Exploitability Score: 3.9

CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8

VMScore: 495

Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C

The Performance Events subsystem in the Linux kernel prior to 3.1 does not properly handle event overflows associated with PERF_COUNT_SW_CPU_CLOCK events, which allows local users to cause a denial of service (system hang) via a crafted application.

Vulnerable Product	Search on Vulmon	Subscribe to Product
linux linux kernel

Synopsis Important: kernel-rt security and bug fix update Type/Severity Security Advisory: Important Topic Updated kernel-rt packages that fix multiple security issues and variousbugs are now available for Red Hat Enterprise MRG 21The Red Hat Security Response Team has rated this update as havingimportant ...

Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or privilege escalation The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2011-1020 Kees Cook discovered an issue in the /proc filesystem that allows local users to gain access to sensitive process in ...

The skb_gro_header_slow function in include/linux/netdeviceh in the Linux kernel before 26394, when Generic Receive Offload (GRO) is enabled, resets certain fields in incorrect situations, which allows remote attackers to cause a denial of service (system crash) via crafted network traffic Race condition in the ecryptfs_mount function in fs/e ...

Multiple kernel flaws have been fixed ...

Several security issues were fixed in the kernel ...

Multiple kernel flaws have been fixed ...

//Vince /* Error with overflows and perf::perf_count_sw_cpu_clock */ /* This test will crash Linux 300 */ /* compile with gcc -O2 -o oflo_sw_cpu_clock_crash oflo_sw_cpu_clock_crashc */ /* by Vince Weaver <vweaver1 _at_ eecsutkedu> */ #define _GNU_SOU ...

Ubuntu Security Notice 1202-1 - Dan Rosenberg discovered that several network ioctls did not clear kernel memory correctly A local user could exploit this to read kernel stack memory, leading to a loss of privacy Brad Spengler discovered that stack memory for new a process was not correctly calculated A local attacker could exploit this to crash ...

CWE-400 https://github.com/torvalds/linux/commit/a8b0ca17b80e92faab46ee7179ba9e99ccb61233 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.1 http://www.openwall.com/lists/oss-security/2011/08/16/1 https://bugzilla.redhat.com/show_bug.cgi?id=730706 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=a8b0ca17b80e92faab46ee7179ba9e99ccb61233 https://access.redhat.com/errata/RHSA-2012:0333 https://nvd.nist.gov https://www.exploit-db.com/exploits/17769/https://usn.ubuntu.com/1204-1/https://www.debian.org/security/./dsa-2303

CVE-2011-2918

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

Exploits

References

Vulmon Search

About

Products

Connect