{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2011-05-08T00:00:00", "descriptions": [{"lang": "en", "value": "The bluetooth subsystem in the Linux kernel before 3.0-rc4 does not properly initialize certain data structures, which allows local users to obtain potentially sensitive information from kernel memory via a crafted getsockopt system call, related to (1) the l2cap_sock_getsockopt_old function in net/bluetooth/l2cap_sock.c and (2) the rfcomm_sock_getsockopt_old function in net/bluetooth/rfcomm/sock.c."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2016-08-19T15:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"name": "RHSA-2011:0927", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2011-0927.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=8d03e971cf403305217b8e62db3a2e5ad2d6263f"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=703019"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.kernel.org/pub/linux/kernel/v3.0/testing/ChangeLog-3.0-rc4"}, {"name": "[oss-security] 20110624 Re: CVE request: kernel: bluetooth: l2cap and rfcomm: fix 1 byte infoleak to userspace", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2011/06/24/3"}, {"name": "1025778", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1025778"}, {"name": "[oss-security] 20110624 CVE request: kernel: bluetooth: l2cap and rfcomm: fix 1 byte infoleak to userspace", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2011/06/24/2"}, {"name": "[linux-bluetooth] 20110508 Bluetooth: l2cap and rfcomm: fix 1 byte infoleak to userspace.", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://permalink.gmane.org/gmane.linux.bluez.kernel/12909"}, {"name": "HPSBGN02970", "tags": ["vendor-advisory", "x_refsource_HP"], "url": "http://marc.info/?l=bugtraq&m=139447903326211&w=2"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T23:00:34.100Z"}, "title": "CVE Program Container", "references": [{"name": "RHSA-2011:0927", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2011-0927.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=8d03e971cf403305217b8e62db3a2e5ad2d6263f"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=703019"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.kernel.org/pub/linux/kernel/v3.0/testing/ChangeLog-3.0-rc4"}, {"name": "[oss-security] 20110624 Re: CVE request: kernel: bluetooth: l2cap and rfcomm: fix 1 byte infoleak to userspace", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2011/06/24/3"}, {"name": "1025778", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://securitytracker.com/id?1025778"}, {"name": "[oss-security] 20110624 CVE request: kernel: bluetooth: l2cap and rfcomm: fix 1 byte infoleak to userspace", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2011/06/24/2"}, {"name": "[linux-bluetooth] 20110508 Bluetooth: l2cap and rfcomm: fix 1 byte infoleak to userspace.", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://permalink.gmane.org/gmane.linux.bluez.kernel/12909"}, {"name": "HPSBGN02970", "tags": ["vendor-advisory", "x_refsource_HP", "x_transferred"], "url": "http://marc.info/?l=bugtraq&m=139447903326211&w=2"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2011-2492", "datePublished": "2011-07-28T22:00:00", "dateReserved": "2011-06-15T00:00:00", "dateUpdated": "2024-08-06T23:00:34.100Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "E0135A6D-9FB7-4E1B-B471-914E37494942", "versionEndExcluding": "3.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:3.0:-:*:*:*:*:*:*", "matchCriteriaId": "2E4912EC-CC92-41CA-A2DA-027291975A84", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:3.0:rc1:*:*:*:*:*:*", "matchCriteriaId": "D30AEC07-3CBD-4F4F-9646-BEAA1D98750B", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:3.0:rc2:*:*:*:*:*:*", "matchCriteriaId": "C2AA8E68-691B-499C-AEDD-3C0BFFE70044", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:3.0:rc3:*:*:*:*:*:*", "matchCriteriaId": "9440475B-5960-4066-A204-F30AAFC87846", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:redhat:enterprise_linux_aus:5.6:*:*:*:*:*:*:*", "matchCriteriaId": "E9D9A0B9-D6B1-42C3-9571-72B7B2D72776", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "133AAFA7-AF42-4D7B-8822-AA2E85611BF5", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:5.6:*:*:*:*:*:*:*", "matchCriteriaId": "903512FC-0017-4564-9B89-7E64FFB14B11", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "54D669D4-6D7E-449D-80C1-28FA44F06FFE", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "D0AC5CD5-6E58-433C-9EB3-6DFE5656463E", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The bluetooth subsystem in the Linux kernel before 3.0-rc4 does not properly initialize certain data structures, which allows local users to obtain potentially sensitive information from kernel memory via a crafted getsockopt system call, related to (1) the l2cap_sock_getsockopt_old function in net/bluetooth/l2cap_sock.c and (2) the rfcomm_sock_getsockopt_old function in net/bluetooth/rfcomm/sock.c."}, {"lang": "es", "value": "El subsistema de bluetooth en el kernel de Linux anteriores a v3.0-rc4 no inicializa correctamente algunas estructuras de datos, lo que permite a usuarios locales obtener informaci\u00f3n sensible de la memoria del kernel a trav\u00e9s de una llamada getsockopt manipulada, en relaci\u00f3n con (1) la funci\u00f3n l2cap_sock_getsockopt_old en net/bluetooth/l2cap_sock.c y (2) la funci\u00f3n rfcomm_sock_getsockopt_old en net/bluetooth/rfcomm/sock.c."}], "id": "CVE-2011-2492", "lastModified": "2023-02-13T01:19:49.227", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 1.9, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 3.4, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2011-07-28T22:55:01.593", "references": [{"source": "secalert@redhat.com", "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=8d03e971cf403305217b8e62db3a2e5ad2d6263f"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "http://marc.info/?l=bugtraq&m=139447903326211&w=2"}, {"source": "secalert@redhat.com", "tags": ["Broken Link"], "url": "http://permalink.gmane.org/gmane.linux.bluez.kernel/12909"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2011-0927.html"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://securitytracker.com/id?1025778"}, {"source": "secalert@redhat.com", "tags": ["Broken Link"], "url": "http://www.kernel.org/pub/linux/kernel/v3.0/testing/ChangeLog-3.0-rc4"}, {"source": "secalert@redhat.com", "tags": ["Mailing List", "Patch", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2011/06/24/2"}, {"source": "secalert@redhat.com", "tags": ["Mailing List", "Patch", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2011/06/24/3"}, {"source": "secalert@redhat.com", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=703019"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"acknowledgement": "Red Hat would like to thank Filip Palian and Marek Kroemeke for reporting this issue.", "affected_release": [{"advisory": "RHSA-2011:0927", "cpe": "cpe:/o:redhat:enterprise_linux:5", "package": "kernel-0:2.6.18-238.19.1.el5", "product_name": "Red Hat Enterprise Linux 5", "release_date": "2011-07-15T00:00:00Z"}, {"advisory": "RHSA-2011:1189", "cpe": "cpe:/o:redhat:enterprise_linux:6", "package": "kernel-0:2.6.32-131.12.1.el6", "product_name": "Red Hat Enterprise Linux 6", "release_date": "2011-08-23T00:00:00Z"}, {"advisory": "RHSA-2011:1253", "cpe": "cpe:/a:redhat:enterprise_mrg:2:server:el6", "package": "kernel-rt-0:2.6.33.9-rt31.75.el6rt", "product_name": "Red Hat Enterprise MRG 2", "release_date": "2011-09-12T00:00:00Z"}], "bugzilla": {"description": "kernel: bluetooth: l2cap and rfcomm: fix 1 byte infoleak to userspace", "id": "703019", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=703019"}, "csaw": false, "cvss": {"cvss_base_score": "1.9", "cvss_scoring_vector": "AV:L/AC:M/Au:N/C:P/I:N/A:N", "status": "verified"}, "details": ["The bluetooth subsystem in the Linux kernel before 3.0-rc4 does not properly initialize certain data structures, which allows local users to obtain potentially sensitive information from kernel memory via a crafted getsockopt system call, related to (1) the l2cap_sock_getsockopt_old function in net/bluetooth/l2cap_sock.c and (2) the rfcomm_sock_getsockopt_old function in net/bluetooth/rfcomm/sock.c."], "name": "CVE-2011-2492", "package_state": [{"cpe": "cpe:/a:redhat:enterprise_mrg:1", "fix_state": "Affected", "package_name": "realtime-kernel", "product_name": "Red Hat Enterprise MRG 1"}], "public_date": "2011-05-09T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2011-2492\nhttps://nvd.nist.gov/vuln/detail/CVE-2011-2492"], "statement": "This issue affects the versions of Linux kernel as shipped with Red Hat Enterprise Linux 4, 5, 6, and Red Hat Enterprise MRG. It has been addressed in Red Hat Enterprise Linux 5, 6 and Red Hat Enterprise MRG via https://rhn.redhat.com/errata/RHSA-2011-0927.html, https://rhn.redhat.com/errata/RHSA-2011-1189.html, and https://rhn.redhat.com/errata/RHSA-2011-1253.html. Red Hat Enterprise Linux 4 is now in Production 3 of the maintenance life-cycle, https://access.redhat.com/support/policy/updates/errata/, therefore the fix for this issue is not currently planned to be included in the future updates.", "threat_severity": "Low"}