Vulnerability identifier: #VU44027

Vulnerability risk: Low

CVSSv3.1: 5.2 [CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2011-2707

CWE-ID: CWE-200

Exploitation vector: Local

Exploit availability: No

Vulnerable software:
Linux kernel
Operating systems & Components / Operating system

Vendor: Linux Foundation

Description

The vulnerability allows a local privileged user to #BASIC_IMPACT#.

The ptrace_setxregs function in arch/xtensa/kernel/ptrace.c in the Linux kernel before 3.1 does not validate user-space pointers, which allows local users to obtain sensitive information from kernel memory locations via a crafted PTRACE_SETXTREGS request.

Mitigation
Install update from vendor's website.

Vulnerable software versions

Linux kernel: 3.0 - 3.0.101

---

External links
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=0d0138ebe24b94065580bd2601f8bb7eb6152f56
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.1
http://www.openwall.com/lists/oss-security/2011/07/20/18
http://github.com/torvalds/linux/commit/0d0138ebe24b94065580bd2601f8bb7eb6152f56

---

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.