UBUNTU-CVE-2011-2492
Advisory lineage Upstream: 1 Downstream: 0
Upstream
Published: 28 Jul 2011, 00:00
Last modified:04 Feb 2026, 03:55
Vulnerability Summary
Overall Risk (default)
minimal
0/100 CVSS Score
No data
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected
Timeline
28 Jul 2011, 00:00
Published
Vulnerability first disclosed
04 Feb 2026, 03:55
Last Modified
Vulnerability information updated
Description
The bluetooth subsystem in the Linux kernel before 3.0-rc4 does not properly initialize certain data structures, which allows local users to obtain potentially sensitive information from kernel memory via a crafted getsockopt system call, related to (1) the l2cap_sock_getsockopt_old function in net/bluetooth/l2cap_sock.c and (2) the rfcomm_sock_getsockopt_old function in net/bluetooth/rfcomm/sock.c.
Affected Systems
- ubuntu•linux
< 3.11.0-12.19
- ubuntu•linux-flo
< 3.4.0-1.3
- ubuntu•linux-goldfish
< 3.4.0-1.7
- ubuntu•linux-grouper
< 3.1.10-8.28
- ubuntu•linux-maguro
< 3.0.0-3.18
- ubuntu•linux-mako
< 3.4.0-3.21
- ubuntu•linux-manta
< 3.4.0-4.19
References (14)
- https://ubuntu.com/security/CVE-2011-2492
- https://ubuntu.com/security/notices/USN-1189-1
- https://ubuntu.com/security/notices/USN-1202-1
- https://ubuntu.com/security/notices/USN-1205-1
- https://ubuntu.com/security/notices/USN-1201-1
- https://ubuntu.com/security/notices/USN-1204-1
- https://ubuntu.com/security/notices/USN-1203-1
- https://ubuntu.com/security/notices/USN-1208-1
- https://ubuntu.com/security/notices/USN-1212-1
- https://ubuntu.com/security/notices/USN-1211-1
- https://ubuntu.com/security/notices/USN-1216-1
- https://ubuntu.com/security/notices/USN-1218-1
- https://ubuntu.com/security/notices/USN-1256-1
- https://www.cve.org/CVERecord?id=CVE-2011-2492