Linux » Linux Kernel : Security Vulnerabilities, CVEs, Published In February 2011 (Information Leak)
The proc filesystem implementation in the Linux kernel 2.6.37 and earlier does not restrict access to the /proc directory tree of a process after this process performs an exec of a setuid program, which allows local users to obtain sensitive information or cause a denial of service via open, lseek, read, and write system calls.
Max CVSS
4.6
EPSS Score
0.04%
Published
2011-02-28
Updated
2020-08-12
The task_show_regs function in arch/s390/kernel/traps.c in the Linux kernel before 2.6.38-rc4-next-20110216 on the s390 platform allows local users to obtain the values of the registers of an arbitrary process by reading a status file under /proc/.
Max CVSS
2.1
EPSS Score
0.04%
Published
2011-02-18
Updated
2023-02-13
2 vulnerabilities found