CVE-2011-4080

{"id": "CVE-2011-4080", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.0, "accessVector": "LOCAL", "vectorString": "AV:L/AC:H/Au:N/C:C/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "HIGH", "availabilityImpact": "NONE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 6.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 1.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2012-05-24T23:55:02.433", "references": [{"url": "http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39", "tags": ["Broken Link"], "source": "secalert@redhat.com"}, {"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=bfdc0b497faa82a0ba2f9dddcf109231dd519fcc", "source": "secalert@redhat.com"}, {"url": "http://www.openwall.com/lists/oss-security/2011/10/26/10", "tags": ["Mailing List", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://github.com/torvalds/linux/commit/bfdc0b497faa82a0ba2f9dddcf109231dd519fcc", "tags": ["Patch", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39", "tags": ["Broken Link"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=bfdc0b497faa82a0ba2f9dddcf109231dd519fcc", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.openwall.com/lists/oss-security/2011/10/26/10", "tags": ["Mailing List", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://github.com/torvalds/linux/commit/bfdc0b497faa82a0ba2f9dddcf109231dd519fcc", "tags": ["Patch", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-264"}]}], "descriptions": [{"lang": "en", "value": "The sysrq_sysctl_handler function in kernel/sysctl.c in the Linux kernel before 2.6.39 does not require the CAP_SYS_ADMIN capability to modify the dmesg_restrict value, which allows local users to bypass intended access restrictions and read the kernel ring buffer by leveraging root privileges, as demonstrated by a root user in a Linux Containers (aka LXC) environment."}, {"lang": "es", "value": "La funci\u00f3n sysrq_sysctl_handler en kernel/sysctl.c en el kernel de Linux antes de v2.6.39 no requiere la capacidad de CAP_SYS_ADMIN para modificar el valor dmesg_restrict, lo que permite a usuarios locales eludir restricciones de acceso y leer el buffer de anillo del n\u00facleo mediante el aprovechamiento de los privilegios de root, como se demuestra por un usuario root en un entorno Linux Containers (tambi\u00e9n conocido como LXC)."}], "lastModified": "2024-11-21T01:31:48.500", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "176353CE-F17E-4776-AD9F-19014DA75B76", "versionEndExcluding": "2.6.39"}], "operator": "OR"}]}], "sourceIdentifier": "secalert@redhat.com"}