CVE-2011-2518
Severity CVSS v4.0:
Pending analysis
Type:
CWE-20
Input Validation
Publication date:
24/05/2012
Last modified:
11/04/2025
Description
The tomoyo_mount_acl function in security/tomoyo/mount.c in the Linux kernel before 2.6.39.2 calls the kern_path function with arguments taken directly from a mount system call, which allows local users to cause a denial of service (OOPS) or possibly have unspecified other impact via a NULL value for the device name.
Impact
Base Score 2.0
4.90
Severity 2.0
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 2.6.39.2 (excluding) |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39.2
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba%3Dcommit%3Bh%3D4e78c724d47e2342aa8fde61f6b8536f662f795f
- http://marc.info/?l=bugtraq&m=139447903326211&w=2
- http://www.openwall.com/lists/oss-security/2011/07/01/5
- https://github.com/torvalds/linux/commit/4e78c724d47e2342aa8fde61f6b8536f662f795f
- http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39.2
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba%3Dcommit%3Bh%3D4e78c724d47e2342aa8fde61f6b8536f662f795f
- http://marc.info/?l=bugtraq&m=139447903326211&w=2
- http://www.openwall.com/lists/oss-security/2011/07/01/5
- https://github.com/torvalds/linux/commit/4e78c724d47e2342aa8fde61f6b8536f662f795f