CVE-2011-2492 in Linux and Red Hat Products
Published on July 28, 2011

The bluetooth subsystem in the Linux kernel before 3.0-rc4 does not properly initialize certain data structures, which allows local users to obtain potentially sensitive information from kernel memory via a crafted getsockopt system call, related to (1) the l2cap_sock_getsockopt_old function in net/bluetooth/l2cap_sock.c and (2) the rfcomm_sock_getsockopt_old function in net/bluetooth/rfcomm/sock.c.

Vendor Advisory Vendor Advisory NVD

Products Associated with CVE-2011-2492

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2011-2492 are published in these products:

Linux Kernel

Red Hat Enterprise Linux Aus

Red Hat Enterprise Linux Desktop

Red Hat Enterprise Linux Eus

Red Hat Enterprise Linux Server

Red Hat Enterprise Linux Workstation

Exploit Probability

EPSS

0.06%

Percentile

17.15%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2011-2492 in Linux and Red Hat ProductsPublished on July 28, 2011

Products Associated with CVE-2011-2492

Exploit Probability

CVE-2011-2492 in Linux and Red Hat Products
Published on July 28, 2011