CVE-2011-1173

The econet_sendmsg function in net/econet/af_econet.c in the Linux kernel before 2.6.39 on the x86_64 platform allows remote attackers to obtain potentially sensitive information from kernel stack memory by reading uninitialized data in the ah field of an Acorn Universal Networking (AUN) packet.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:N/A:N
redhatCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 73%
VendorProductVersion
linuxlinux_kernel
𝑥
< 2.6.39
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
linux
natty
Fixed 2.6.38-9.43
released
maverick
Fixed 2.6.35-30.52
released
lucid
Fixed 2.6.32-32.62
released
hardy
Fixed 2.6.24-29.92
released
linux-ec2
natty
dne
maverick
ignored
lucid
Fixed 2.6.32-316.30
released
hardy
dne
linux-fsl-imx51
natty
dne
maverick
dne
lucid
Fixed 2.6.31-610.27
released
hardy
dne
linux-lts-backport-maverick
natty
dne
maverick
dne
lucid
Fixed 2.6.35-30.54~lucid1
released
hardy
dne
linux-lts-backport-natty
natty
dne
maverick
dne
lucid
not-affected
hardy
dne
linux-mvl-dove
natty
dne
maverick
Fixed 2.6.32-417.34
released
lucid
Fixed 2.6.32-217.34
released
hardy
dne
linux-ti-omap4
natty
Fixed 2.6.38-1209.13
released
maverick
Fixed 2.6.35-903.23
released
lucid
dne
hardy
dne
Common Weakness Enumeration
References
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=67c5c6cb8129c595f21e88254a3fc6b3b841ae8e
http://marc.info/?l=linux-netdev&m=130036203528021&w=2
http://securityreason.com/securityalert/8279
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39
http://www.openwall.com/lists/oss-security/2011/03/18/15
http://www.openwall.com/lists/oss-security/2011/03/21/1
http://www.openwall.com/lists/oss-security/2011/03/21/4
https://bugzilla.redhat.com/show_bug.cgi?id=591815#c14
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=67c5c6cb8129c595f21e88254a3fc6b3b841ae8e
http://marc.info/?l=linux-netdev&m=130036203528021&w=2
http://securityreason.com/securityalert/8279
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39
http://www.openwall.com/lists/oss-security/2011/03/18/15
http://www.openwall.com/lists/oss-security/2011/03/21/1
http://www.openwall.com/lists/oss-security/2011/03/21/4
https://bugzilla.redhat.com/show_bug.cgi?id=591815#c14