mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-28 17:21:36 +00:00
126 lines
4.3 KiB
JSON
126 lines
4.3 KiB
JSON
{
|
|
"id": "CVE-2011-3619",
|
|
"sourceIdentifier": "secalert@redhat.com",
|
|
"published": "2013-06-08T13:05:55.190",
|
|
"lastModified": "2023-02-13T04:32:40.383",
|
|
"vulnStatus": "Modified",
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "The apparmor_setprocattr function in security/apparmor/lsm.c in the Linux kernel before 3.0 does not properly handle invalid parameters, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) or possibly have unspecified other impact by writing to a /proc/#####/attr/current file."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "La funci\u00f3n apparmor_setprocattr en security/apparmor/lsm.c de los kernel Linux anteriores a v3.0 no maneja adecuadamente los par\u00e1metros inv\u00e1lidos, permitiendo que usuarios locales provoquen una denegaci\u00f3n de servicio (referencia a puntero NULL y OOPS) o probablemente ocasionar otro impacto no especificado mediante la escritura en un fichero de /proc/#####/attr/current."
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV2": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "2.0",
|
|
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
|
|
"accessVector": "LOCAL",
|
|
"accessComplexity": "LOW",
|
|
"authentication": "NONE",
|
|
"confidentialityImpact": "PARTIAL",
|
|
"integrityImpact": "PARTIAL",
|
|
"availabilityImpact": "PARTIAL",
|
|
"baseScore": 4.6
|
|
},
|
|
"baseSeverity": "MEDIUM",
|
|
"exploitabilityScore": 3.9,
|
|
"impactScore": 6.4,
|
|
"acInsufInfo": false,
|
|
"obtainAllPrivilege": false,
|
|
"obtainUserPrivilege": false,
|
|
"obtainOtherPrivilege": false,
|
|
"userInteractionRequired": false
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "CWE-20"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:linux:linux_kernel:*:rc7:*:*:*:*:*:*",
|
|
"versionEndIncluding": "3.0",
|
|
"matchCriteriaId": "C06621EF-286A-4BE7-BC41-8394E7CE429E"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:linux:linux_kernel:3.0:rc1:*:*:*:*:*:*",
|
|
"matchCriteriaId": "D30AEC07-3CBD-4F4F-9646-BEAA1D98750B"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:linux:linux_kernel:3.0:rc2:*:*:*:*:*:*",
|
|
"matchCriteriaId": "C2AA8E68-691B-499C-AEDD-3C0BFFE70044"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:linux:linux_kernel:3.0:rc3:*:*:*:*:*:*",
|
|
"matchCriteriaId": "9440475B-5960-4066-A204-F30AAFC87846"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:linux:linux_kernel:3.0:rc4:*:*:*:*:*:*",
|
|
"matchCriteriaId": "53BCFBFB-6AF0-4525-8623-7633CC5E17DB"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:linux:linux_kernel:3.0:rc5:*:*:*:*:*:*",
|
|
"matchCriteriaId": "6ED4E86A-74F0-436A-BEB4-3F4EE93A5421"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:linux:linux_kernel:3.0:rc6:*:*:*:*:*:*",
|
|
"matchCriteriaId": "BF0365B0-8E16-4F30-BD92-5DD538CC8135"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "http://ftp.osuosl.org/pub/linux/kernel/v3.0/ChangeLog-3.0",
|
|
"source": "secalert@redhat.com"
|
|
},
|
|
{
|
|
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=a5b2c5b2ad5853591a6cac6134cd0f599a720865",
|
|
"source": "secalert@redhat.com"
|
|
},
|
|
{
|
|
"url": "http://www.openwall.com/lists/oss-security/2011/10/17/6",
|
|
"source": "secalert@redhat.com"
|
|
},
|
|
{
|
|
"url": "https://github.com/torvalds/linux/commit/a5b2c5b2ad5853591a6cac6134cd0f599a720865",
|
|
"source": "secalert@redhat.com",
|
|
"tags": [
|
|
"Exploit",
|
|
"Patch"
|
|
]
|
|
}
|
|
]
|
|
} |