User: Password:
Subscribe / Log in / New account

kernel: arbitrary command execution

Package(s):kernel CVE #(s):CVE-2011-2905
Created:August 18, 2011 Updated:November 28, 2011
Description: From the Red Hat bugzilla:

It was reported that perf would look for configuration files in /etc/perfconfig, ~/.perfconfig, and ./config. If ./config is not a perf configuration file, perf could fail or possibly do unexpected things. If a privileged user was tricked into running perf in a directory containing a malicious ./config file, it could possibly lead to the execution of arbitrary commands.

Oracle ELSA-2013-1645 kernel 2013-11-26
Ubuntu USN-1285-1 linux 2011-11-29
Oracle ELSA-2011-1465 kernel 2011-11-28
Oracle ELSA-2011-2033 unbreakable kernel 2011-11-28
Oracle ELSA-2011-2033 unbreakable kernel 2011-11-28
Ubuntu USN-1281-1 linux-ti-omap4 2011-11-24
Ubuntu USN-1279-1 linux-lts-backport-natty 2011-11-24
Scientific Linux SL-kern-20111122 kernel 2011-11-22
Red Hat RHSA-2011:1465-01 kernel 2011-11-22
Ubuntu USN-1256-1 linux-lts-backport-natty 2011-11-09
Ubuntu USN-1245-1 linux-mvl-dove 2011-10-25
Ubuntu USN-1244-1 linux-ti-omap4 2011-10-25
Ubuntu USN-1243-1 linux 2011-10-25
Ubuntu USN-1242-1 linux-lts-backport-maverick 2011-10-25
Ubuntu USN-1241-1 linux-fsl-imx51 2011-10-25
Ubuntu USN-1240-1 linux-mvl-dove 2011-10-25
Ubuntu USN-1239-1 linux-ec2 2011-10-25
Ubuntu USN-1253-1 linux 2011-11-08
Debian DSA-2303-2 linux-2.6 2011-09-10
Debian DSA-2303-1 linux-2.6 2011-09-08
Fedora FEDORA-2011-11103 kernel 2011-08-18
Fedora FEDORA-2011-11019 kernel 2011-08-17

(Log in to post comments)

Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds