1.9

CVE-2011-0006

EPSS 0.08%
Published 21.06.2012 23:55:01
Last modified 11.04.2025 00:51:21
Source secalert@redhat.com
Teams watchlist Login
Open Login

The ima_lsm_rule_init function in security/integrity/ima/ima_policy.c in the Linux kernel before 2.6.37, when the Linux Security Modules (LSM) framework is disabled, allows local users to bypass Integrity Measurement Architecture (IMA) rules in opportunistic circumstances by leveraging an administrator's addition of an IMA rule for LSM.

Affected products Warnungen 0 Metrics 2 CWE 0 References 8

Data is provided by the National Vulnerability Database (NVD)

Linux ≫ Linux Kernel Version <= 2.6.36.4

Linux ≫ Linux Kernel Version2.6.36.1

Linux ≫ Linux Kernel Version2.6.36.2

Linux ≫ Linux Kernel Version2.6.36.3

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.08%	0.232

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	1.9	3.4	2.9	AV:L/AC:M/Au:N/C:N/I:P/A:N

http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.37

http://www.openwall.com/lists/oss-security/2011/01/06/18

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=867c20265459d30a01b021a9c1e81fb4c5832aa9

https://bugzilla.redhat.com/show_bug.cgi?id=667912

https://github.com/torvalds/linux/commit/867c20265459d30a01b021a9c1e81fb4c5832aa9

Patch

https://nvd.nist.gov/vuln/detail/CVE-2011-0006

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2011-0006

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2011-0006

EUVD