Risk | Medium |
Patch available | YES |
Number of vulnerabilities | 1 |
CVE-ID | CVE-2011-1021 |
CWE-ID | CWE-264 |
Exploitation vector | Network |
Public exploit | Public exploit code for vulnerability #1 is available. |
Vulnerable software Subscribe |
Linux kernel Operating systems & Components / Operating system |
Vendor | Linux Foundation |
Security Bulletin
This security bulletin contains one medium risk vulnerability.
EUVDB-ID: #VU43964
Risk: Medium
CVSSv3.1: 4.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L/E:P/RL:O/RC:C]
CVE-ID: CVE-2011-1021
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: Yes
DescriptionThe vulnerability allows a remote non-authenticated attacker to manipulate or delete data.
drivers/acpi/debugfs.c in the Linux kernel before 3.0 allows local users to modify arbitrary kernel memory locations by leveraging root privileges to write to the /sys/kernel/debug/acpi/custom_method file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-4347.
MitigationInstall update from vendor's website.
Vulnerable software versionsLinux kernel: 2.6.9
CPE2.3 External linkshttp://ftp.osuosl.org/pub/linux/kernel/v3.0/ChangeLog-3.0
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=526b4af47f44148c9d665e57723ed9f86634c6e3
http://www.openwall.com/lists/oss-security/2011/02/25/5
http://bugzilla.redhat.com/show_bug.cgi?id=680841
http://github.com/torvalds/linux/commit/526b4af47f44148c9d665e57723ed9f86634c6e3
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.