Unrated severityNVD Advisory· Published Jul 11, 2011· Updated Apr 29, 2026

CVE-2011-2398

Description

Unspecified vulnerability in the dynamic loader in HP HP-UX B.11.11, B.11.23, and B.11.31 allows local users to gain privileges or cause a denial of service via unknown vectors.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

A vulnerability in the HP-UX dynamic loader allows local users to escalate privileges or cause a denial of service on affected versions.

Vulnerability

The dynamic loader in HP-UX B.11.11, B.11.23, and B.11.31 contains an unspecified vulnerability that can be exploited locally. The exact nature is not disclosed, but it resides in the dynamic loader component. [1]

Exploitation

An attacker requires local access to the system and valid user credentials (CVSS: AV:L/AC:L/Au:S). The exploitation vector is unknown but likely involves loading a malicious shared library or manipulating loader behavior. [1]

Impact

Successful exploitation can lead to local privilege escalation (gaining elevated privileges) or a denial of service (DoS). The CVSS score of 6.8 indicates high confidentiality, integrity, and availability impact. [1]

Mitigation

HP has released patches: PHSS_42253 for B.11.11, PHSS_42043 for B.11.23, and PHSS_42040 for B.11.31. These are available from the HP Support Center. No workarounds are documented. [1]

References

'[security bulletin] HPSBUX02688 SSRT100513 rev.1 - HP-UX Dynamic Loader, Local Privilege Escalation,'

AI Insight generated on May 24, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

Microfocus/Hpux3 versions
cpe:2.3:o:hp:hp-ux:b.11.11:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:o:hp:hp-ux:b.11.11:*:*:*:*:*:*:*
- cpe:2.3:o:hp:hp-ux:b.11.23:*:*:*:*:*:*:*
- cpe:2.3:o:hp:hp-ux:b.11.31:*:*:*:*:*:*:*
HPE/HP-UXllm-fuzzy
Range: B.11.11, B.11.23, B.11.31

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

marc.infonvdVendor Advisory
secunia.com/advisories/45132nvdVendor Advisory
securityreason.com/securityalert/8303nvd
securitytracker.com/idnvd
www.osvdb.org/73616nvd
www.securityfocus.com/bid/48577nvd
exchange.xforce.ibmcloud.com/vulnerabilities/68399nvd
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12615nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000