1.9

CVE-2011-0006

EPSS 0.08%
Veröffentlicht 21.06.2012 23:55:01
Zuletzt bearbeitet 11.04.2025 00:51:21
Quelle secalert@redhat.com
Teams Watchlist Login
Unerledigt Login

The ima_lsm_rule_init function in security/integrity/ima/ima_policy.c in the Linux kernel before 2.6.37, when the Linux Security Modules (LSM) framework is disabled, allows local users to bypass Integrity Measurement Architecture (IMA) rules in opportunistic circumstances by leveraging an administrator's addition of an IMA rule for LSM.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 8

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Linux ≫ Linux Kernel Version <= 2.6.36.4

Linux ≫ Linux Kernel Version2.6.36.1

Linux ≫ Linux Kernel Version2.6.36.2

Linux ≫ Linux Kernel Version2.6.36.3

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.08%	0.232

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	1.9	3.4	2.9	AV:L/AC:M/Au:N/C:N/I:P/A:N

http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.37

http://www.openwall.com/lists/oss-security/2011/01/06/18

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=867c20265459d30a01b021a9c1e81fb4c5832aa9

https://bugzilla.redhat.com/show_bug.cgi?id=667912

https://github.com/torvalds/linux/commit/867c20265459d30a01b021a9c1e81fb4c5832aa9

Patch

https://nvd.nist.gov/vuln/detail/CVE-2011-0006

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2011-0006

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2011-0006

EUVD