Vulnerability Name: | CVE-2011-0006 (CCN-65351) | ||||||||||||||||||||||||||||||||||||||||||||||||
Assigned: | 2010-12-07 | ||||||||||||||||||||||||||||||||||||||||||||||||
Published: | 2011-01-04 | ||||||||||||||||||||||||||||||||||||||||||||||||
Updated: | 2023-02-13 | ||||||||||||||||||||||||||||||||||||||||||||||||
Summary: | The ima_lsm_rule_init function in security/integrity/ima/ima_policy.c in the Linux kernel before 2.6.37, when the Linux Security Modules (LSM) framework is disabled, allows local users to bypass Integrity Measurement Architecture (IMA) rules in opportunistic circumstances by leveraging an administrator's addition of an IMA rule for LSM. | ||||||||||||||||||||||||||||||||||||||||||||||||
CVSS v3 Severity: | 4.0 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
| ||||||||||||||||||||||||||||||||||||||||||||||||
CVSS v2 Severity: | 1.9 Low (CVSS v2 Vector: AV:L/AC:M/Au:N/C:N/I:P/A:N) 1.4 Low (Temporal CVSS v2 Vector: AV:L/AC:M/Au:N/C:N/I:P/A:N/E:U/RL:TF/RC:C)
1.6 Low (CCN Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:P/A:N/E:U/RL:TF/RC:C)
1.2 Low (REDHAT Temporal CVSS v2 Vector: AV:L/AC:M/Au:S/C:N/I:P/A:N/E:U/RL:TF/RC:C)
| ||||||||||||||||||||||||||||||||||||||||||||||||
Vulnerability Consequences: | Other | ||||||||||||||||||||||||||||||||||||||||||||||||
References: | Source: MITRE Type: CNA CVE-2011-0006 Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com Source: CCN Type: Linux Kernel Archives Web site Linux Kernel Archives Source: CCN Type: RHSA-2011-0498 Important: kernel security, bug fix, and enhancement update Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com Source: CCN Type: OSVDB ID: 71650 Linux Kernel ima_match_rules() LSM Rule Mismatch Weakness Source: CCN Type: BID-46323 Linux Kernel 'security_filter_rule_init()' Local Security Bypass Vulnerability Source: CCN Type: Red Hat Bugzilla Bug 667912 CVE-2011-0006 kernel: ima: fix add LSM rule bug Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com Source: XF Type: UNKNOWN linux-kernel-filterrule-weak-security(65351) Source: secalert@redhat.com Type: Patch secalert@redhat.com Source: SUSE Type: SUSE-SA:2011:012 Linux kernel security update | ||||||||||||||||||||||||||||||||||||||||||||||||
Vulnerable Configuration: | Configuration RedHat 1: Configuration CCN 1: Denotes that component is vulnerable | ||||||||||||||||||||||||||||||||||||||||||||||||
Oval Definitions | |||||||||||||||||||||||||||||||||||||||||||||||||
| |||||||||||||||||||||||||||||||||||||||||||||||||
BACK |