Unrated severityNVD Advisory· Published Jun 21, 2012· Updated Jun 16, 2026
CVE-2011-1078
CVE-2011-1078
Description
The sco_sock_getsockopt_old function in net/bluetooth/sco.c in the Linux kernel before 2.6.39 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory via the SCO_CONNINFO option.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
18cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*+ 17 more
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*range: <=2.6.38.8
- cpe:2.3:o:linux:linux_kernel:2.6.38:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:2.6.38.1:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:2.6.38.2:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:2.6.38.3:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:2.6.38.4:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:2.6.38.5:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:2.6.38.6:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:2.6.38.7:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:2.6.38:rc1:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:2.6.38:rc2:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:2.6.38:rc3:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:2.6.38:rc4:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:2.6.38:rc5:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:2.6.38:rc6:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:2.6.38:rc7:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:2.6.38:rc8:*:*:*:*:*:*
- (no CPE)range: <2.6.39
Patches
Vulnerability mechanics
References
8- github.com/torvalds/linux/commit/c4c896e1471aec3b004a693c689f60be3b17ac86nvdPatch
- downloads.avaya.com/css/P8/documents/100145416nvd
- ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39nvd
- git.kernel.orgnvd
- rhn.redhat.com/errata/RHSA-2011-0833.htmlnvd
- rhn.redhat.com/errata/RHSA-2012-1156.htmlnvd
- www.openwall.com/lists/oss-security/2011/03/01/10nvd
- bugzilla.redhat.com/show_bug.cginvd
News mentions
0No linked articles in our index yet.