CVE-2011-1173

Linux Kernel < 2.6.39 - Information Disclosure via Uninitialized AUN Packet Data

Title source: llm
STIX 2.1

Description

The econet_sendmsg function in net/econet/af_econet.c in the Linux kernel before 2.6.39 on the x86_64 platform allows remote attackers to obtain potentially sensitive information from kernel stack memory by reading uninitialized data in the ah field of an Acorn Universal Networking (AUN) packet.

References (8)

Core 8
Core References
Patch, Third Party Advisory mailing-list x_refsource_mlist
http://marc.info/?l=linux-netdev&m=130036203528021&w=2
Mailing List, Patch, Third Party Advisory mailing-list x_refsource_mlist
http://www.openwall.com/lists/oss-security/2011/03/18/15
Third Party Advisory third-party-advisory x_refsource_sreason
http://securityreason.com/securityalert/8279
Release Notes, Vendor Advisory x_refsource_confirm
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39
Issue Tracking, Third Party Advisory x_refsource_misc
https://bugzilla.redhat.com/show_bug.cgi?id=591815#c14
Mailing List, Patch, Third Party Advisory mailing-list x_refsource_mlist
http://www.openwall.com/lists/oss-security/2011/03/21/4
Mailing List, Patch, Third Party Advisory mailing-list x_refsource_mlist
http://www.openwall.com/lists/oss-security/2011/03/21/1

Scores

EPSS 0.0261
EPSS Percentile 83.6%

Details

CWE
CWE-200
Status published
Products (1)
linux/linux_kernel < 2.6.39
Published Jun 22, 2011
Tracked Since Feb 18, 2026