CVE-2011-2905

Advisory lineage Upstream: 0 Downstream: 2

Downstream

DSA-2303-1 RHSA-2011:1465

Modified

Published: 01 Mar 2013, 11:00

Last modified:06 Aug 2024, 23:15

Vulnerability Summary

Overall Risk (default)

medium

25/100

CVSS Score

6.2 MEDIUM

v2.0 (nvd)

EPSS Score

0.23% LOW

0% probability +0.05%

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

01 Mar 2013, 11:00

Published

Vulnerability first disclosed

06 Aug 2024, 23:15

Last Modified

Vulnerability information updated

Description

Untrusted search path vulnerability in the perf_config function in tools/perf/util/config.c in perf, as distributed in the Linux kernel before 3.1, allows local users to overwrite arbitrary files via a crafted config file in the current working directory.

CVSS Metrics

v2.0•MEDIUM•Score: 6.2AV:L/AC:H/Au:N/C:C/I:C/A:C

EPSS Trends

Current EPSS score: 0.23%• Percentile: 46%

Affected Systems

linux•linux_kernel
≤ 3.0.68 | 3.0.1 | 3.0.2 | 3.0.3 | 3.0.4 | 3.0.5 | 3.0.6 | 3.0.7 | 3.0.8 | 3.0.9 | 3.0.10 | 3.0.11 | 3.0.12 | 3.0.13 | 3.0.14 | 3.0.15 | 3.0.16 | 3.0.17 | 3.0.18 | 3.0.19 | 3.0.20 | 3.0.21 | 3.0.22 | 3.0.23 | 3.0.24 | 3.0.25 | 3.0.26 | 3.0.27 | 3.0.28 | 3.0.29 | 3.0.30 | 3.0.31 | 3.0.32 | 3.0.33 | 3.0.34 | 3.0.35 | 3.0.36 | 3.0.37 | 3.0.38 | 3.0.39 | 3.0.40 | 3.0.41 | 3.0.42 | 3.0.43 | 3.0.44 | 3.0.45 | 3.0.46 | 3.0.47 | 3.0.48 | 3.0.49 | 3.0.50 | 3.0.51 | 3.0.52 | 3.0.53 | 3.0.54 | 3.0.55 | 3.0.56 | 3.0.57 | 3.0.58 | 3.0.59 | 3.0.60 | 3.0.61 | 3.0.62 | 3.0.63 | 3.0.64 | 3.0.65 | 3.0.66 | 3.0.67