CVE-2011-1173 - Vulnerability Details - OpenCVE

The econet_sendmsg function in net/econet/af_econet.c in the Linux kernel before 2.6.39 on the x86_64 platform allows remote attackers to obtain potentially sensitive information from kernel stack memory by reading uninitialized data in the ah field of an Acorn Universal Networking (AUN) packet.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Linux	Linux Kernel

Configuration 1 [-]

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=67c5c6cb8129c595f21e88254a3fc6b3b841ae8e
http://marc.info/?l=linux-netdev&m=130036203528021&w=2
http://securityreason.com/securityalert/8279
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39
http://www.openwall.com/lists/oss-security/2011/03/18/15
http://www.openwall.com/lists/oss-security/2011/03/21/1
http://www.openwall.com/lists/oss-security/2011/03/21/4
https://bugzilla.redhat.com/show_bug.cgi?id=591815#c14

History

No history.

MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2011-06-22T22:00:00

Updated: 2024-08-06T22:21:32.219Z

Reserved: 2011-03-03T00:00:00

Link: CVE-2011-1173

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2011-06-22T22:55:01.810

Modified: 2025-04-11T00:51:21.963

Link: CVE-2011-1173

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2011-03-17T00:00:00", "descriptions": [{"lang": "en", "value": "The econet_sendmsg function in net/econet/af_econet.c in the Linux kernel before 2.6.39 on the x86_64 platform allows remote attackers to obtain potentially sensitive information from kernel stack memory by reading uninitialized data in the ah field of an Acorn Universal Networking (AUN) packet."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2011-09-22T09:00:00", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"name": "[netdev] 20110317 [PATCH] econet: 4 byte infoleak to the network", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://marc.info/?l=linux-netdev&m=130036203528021&w=2"}, {"name": "[oss-security] 20110318 CVE request: kernel: netfilter & econet infoleaks", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2011/03/18/15"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=67c5c6cb8129c595f21e88254a3fc6b3b841ae8e"}, {"name": "8279", "tags": ["third-party-advisory", "x_refsource_SREASON"], "url": "http://securityreason.com/securityalert/8279"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39"}, {"tags": ["x_refsource_MISC"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=591815#c14"}, {"name": "[oss-security] 20110321 Re: CVE request: kernel: netfilter & econet infoleaks", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2011/03/21/4"}, {"name": "[oss-security] 20110321 Re: CVE request: kernel: netfilter & econet infoleaks", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2011/03/21/1"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T22:21:32.219Z"}, "title": "CVE Program Container", "references": [{"name": "[netdev] 20110317 [PATCH] econet: 4 byte infoleak to the network", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://marc.info/?l=linux-netdev&m=130036203528021&w=2"}, {"name": "[oss-security] 20110318 CVE request: kernel: netfilter & econet infoleaks", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2011/03/18/15"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=67c5c6cb8129c595f21e88254a3fc6b3b841ae8e"}, {"name": "8279", "tags": ["third-party-advisory", "x_refsource_SREASON", "x_transferred"], "url": "http://securityreason.com/securityalert/8279"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=591815#c14"}, {"name": "[oss-security] 20110321 Re: CVE request: kernel: netfilter & econet infoleaks", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2011/03/21/4"}, {"name": "[oss-security] 20110321 Re: CVE request: kernel: netfilter & econet infoleaks", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2011/03/21/1"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2011-1173", "datePublished": "2011-06-22T22:00:00", "dateReserved": "2011-03-03T00:00:00", "dateUpdated": "2024-08-06T22:21:32.219Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "176353CE-F17E-4776-AD9F-19014DA75B76", "versionEndExcluding": "2.6.39", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The econet_sendmsg function in net/econet/af_econet.c in the Linux kernel before 2.6.39 on the x86_64 platform allows remote attackers to obtain potentially sensitive information from kernel stack memory by reading uninitialized data in the ah field of an Acorn Universal Networking (AUN) packet."}, {"lang": "es", "value": "La funci\u00f3n econet_sendmsg en net/econet/af_econet.c en el kernel Linux antes de v2.6.39 en plataformas x86_64, permite a atacantes remototos obtener informaci\u00f3n potencialmente sensible de la pila de memoria del kernel leyendo datos no inicializados en el campo ah de un paquete Acorn Universal Networking (AUN)"}], "id": "CVE-2011-1173", "lastModified": "2025-04-11T00:51:21.963", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2011-06-22T22:55:01.810", "references": [{"source": "secalert@redhat.com", "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=67c5c6cb8129c595f21e88254a3fc6b3b841ae8e"}, {"source": "secalert@redhat.com", "tags": ["Patch", "Third Party Advisory"], "url": "http://marc.info/?l=linux-netdev&m=130036203528021&w=2"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "http://securityreason.com/securityalert/8279"}, {"source": "secalert@redhat.com", "tags": ["Release Notes", "Vendor Advisory"], "url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39"}, {"source": "secalert@redhat.com", "tags": ["Mailing List", "Patch", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2011/03/18/15"}, {"source": "secalert@redhat.com", "tags": ["Mailing List", "Patch", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2011/03/21/1"}, {"source": "secalert@redhat.com", "tags": ["Mailing List", "Patch", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2011/03/21/4"}, {"source": "secalert@redhat.com", "tags": ["Issue Tracking", "Third Party Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=591815#c14"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=67c5c6cb8129c595f21e88254a3fc6b3b841ae8e"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Third Party Advisory"], "url": "http://marc.info/?l=linux-netdev&m=130036203528021&w=2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://securityreason.com/securityalert/8279"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Release Notes", "Vendor Advisory"], "url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Patch", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2011/03/18/15"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Patch", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2011/03/21/1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Patch", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2011/03/21/4"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking", "Third Party Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=591815#c14"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}], "source": "nvd@nist.gov", "type": "Primary"}]}