5.5

CVE-2011-4915

Exploit
fs/proc/base.c in the Linux kernel through 3.1 allows local users to obtain sensitive keystroke information via access to /proc/interrupts.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version <= 3.1
CanonicalUbuntu Linux Version14.04 SwEditionesm
DebianDebian Linux Version8.0
DebianDebian Linux Version9.0
DebianDebian Linux Version10.0
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.51% 0.395
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
nvd@nist.gov 2.1 3.9 2.9
AV:L/AC:L/Au:N/C:P/I:N/A:N
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0499680a42141d86417a8fbaa8c8db806bea1201
Patch
Vendor Advisory
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=a2ef990ab5a6705a356d146dd773a3b359787497
Patch
Vendor Advisory
http://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-4915.html
Third Party Advisory
http://www.openwall.com/lists/oss-security/2011/11/07/9
Third Party Advisory
Exploit
Mailing List
https://lkml.org/lkml/2011/11/7/340
Vendor Advisory
https://seclists.org/oss-sec/2011/q4/571
Third Party Advisory
Mailing List
https://security-tracker.debian.org/tracker/CVE-2011-4915
Third Party Advisory
https://vigilance.fr/vulnerability/Linux-kernel-information-disclosure-about-keyboard-11131
Third Party Advisory