CVE-2011-1768
kernel: netns vs proto registration ordering
Severity Score
7.5
*CVSS v3
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
1
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
The tunnels implementation in the Linux kernel before 2.6.34, when tunnel functionality is configured as a module, allows remote attackers to cause a denial of service (OOPS) by sending a packet during module loading.
La implementación de túneles ("tunnels") del kernel de Linux en versiones anteriores a la 2.6.34, si la funcionalidad de túneles está configurada como módulo, permite a atacantes remotos provocar una denegación de servicio (OOPS) enviando un paquete durante la carga del módulo.
It was discovered that the /proc filesystem did not correctly handle permission changes when programs executed. A local attacker could hold open files to examine details about programs running with higher privileges, potentially increasing the chances of exploiting additional vulnerabilities. Vasiliy Kulikov discovered that the Bluetooth stack did not correctly clear memory. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. Various other issues were also addressed.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2011-04-19 CVE Reserved
- 2011-06-19 CVE Published
- 2024-08-06 CVE Updated
- 2024-08-06 First Exploit
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CAPEC
References (6)
| URL | Tag | Source |
|---|---|---|
| http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.34 | X_refsource_confirm | |
| http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=d5aa407f59f5b83d2c50ec88f5bf56d40f1f8978 | X_refsource_confirm | |
| http://www.openwall.com/lists/oss-security/2011/05/05/6 | Mailing List |
|
| URL | Date | SRC |
|---|---|---|
| https://github.com/torvalds/linux/commit/d5aa407f59f5b83d2c50ec88f5bf56d40f1f8978 | 2024-08-06 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://bugzilla.redhat.com/show_bug.cgi?id=702303 | 2011-09-12 | |
| https://access.redhat.com/security/cve/CVE-2011-1768 | 2011-09-12 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | <= 2.6.33.20 Search vendor "Linux" for product "Linux Kernel" and version " <= 2.6.33.20" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 2.6.33 Search vendor "Linux" for product "Linux Kernel" and version "2.6.33" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 2.6.33.1 Search vendor "Linux" for product "Linux Kernel" and version "2.6.33.1" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 2.6.33.2 Search vendor "Linux" for product "Linux Kernel" and version "2.6.33.2" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 2.6.33.3 Search vendor "Linux" for product "Linux Kernel" and version "2.6.33.3" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 2.6.33.4 Search vendor "Linux" for product "Linux Kernel" and version "2.6.33.4" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 2.6.33.5 Search vendor "Linux" for product "Linux Kernel" and version "2.6.33.5" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 2.6.33.6 Search vendor "Linux" for product "Linux Kernel" and version "2.6.33.6" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 2.6.33.7 Search vendor "Linux" for product "Linux Kernel" and version "2.6.33.7" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 2.6.33.8 Search vendor "Linux" for product "Linux Kernel" and version "2.6.33.8" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 2.6.33.9 Search vendor "Linux" for product "Linux Kernel" and version "2.6.33.9" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 2.6.33.10 Search vendor "Linux" for product "Linux Kernel" and version "2.6.33.10" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 2.6.33.11 Search vendor "Linux" for product "Linux Kernel" and version "2.6.33.11" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 2.6.33.12 Search vendor "Linux" for product "Linux Kernel" and version "2.6.33.12" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 2.6.33.13 Search vendor "Linux" for product "Linux Kernel" and version "2.6.33.13" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 2.6.33.14 Search vendor "Linux" for product "Linux Kernel" and version "2.6.33.14" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 2.6.33.15 Search vendor "Linux" for product "Linux Kernel" and version "2.6.33.15" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 2.6.33.16 Search vendor "Linux" for product "Linux Kernel" and version "2.6.33.16" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 2.6.33.17 Search vendor "Linux" for product "Linux Kernel" and version "2.6.33.17" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 2.6.33.18 Search vendor "Linux" for product "Linux Kernel" and version "2.6.33.18" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 2.6.33.19 Search vendor "Linux" for product "Linux Kernel" and version "2.6.33.19" | - |
Affected
| ||||||