CVE-2011-1173
Linux Kernel < 2.6.39 - Information Disclosure via Uninitialized AUN Packet Data
Title source: llmDescription
The econet_sendmsg function in net/econet/af_econet.c in the Linux kernel before 2.6.39 on the x86_64 platform allows remote attackers to obtain potentially sensitive information from kernel stack memory by reading uninitialized data in the ah field of an Acorn Universal Networking (AUN) packet.
References (8)
Core 8
Core References
Patch, Third Party Advisory mailing-list
x_refsource_mlist
http://marc.info/?l=linux-netdev&m=130036203528021&w=2
Mailing List, Patch, Third Party Advisory mailing-list
x_refsource_mlist
http://www.openwall.com/lists/oss-security/2011/03/18/15
Patch x_refsource_confirm
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=67c5c6cb8129c595f21e88254a3fc6b3b841ae8e
Third Party Advisory third-party-advisory
x_refsource_sreason
http://securityreason.com/securityalert/8279
Release Notes, Vendor Advisory x_refsource_confirm
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39
Issue Tracking, Third Party Advisory x_refsource_misc
https://bugzilla.redhat.com/show_bug.cgi?id=591815#c14
Mailing List, Patch, Third Party Advisory mailing-list
x_refsource_mlist
http://www.openwall.com/lists/oss-security/2011/03/21/4
Mailing List, Patch, Third Party Advisory mailing-list
x_refsource_mlist
http://www.openwall.com/lists/oss-security/2011/03/21/1
Scores
EPSS
0.0261
EPSS Percentile
83.6%
Details
CWE
CWE-200
Status
published
Products (1)
linux/linux_kernel
< 2.6.39
Published
Jun 22, 2011
Tracked Since
Feb 18, 2026