CVE Reference: CVE-2011-1182

NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE:
CVE-2011-1182

Description:
kernel/signal.c in the Linux kernel before 2.6.39 allows local users to spoof the uid and pid of a signal sender via a sigqueueinfo system call.

CVE Status:
Candidate

References:

REDHAT
  http://rhn.redhat.com/errata/RHSA-2011-0927.html

MLIST
  http://www.openwall.com/lists/oss-security/2011/03/23/2

CONFIRM
  http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=da48524eb20662618854bb3df2db01fc65f3070c
  http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39


Return to the previous page.