Unrated severityNVD Advisory· Published Jul 28, 2011· Updated Apr 29, 2026
CVE-2011-2492
CVE-2011-2492
Description
The bluetooth subsystem in the Linux kernel before 3.0-rc4 does not properly initialize certain data structures, which allows local users to obtain potentially sensitive information from kernel memory via a crafted getsockopt system call, related to (1) the l2cap_sock_getsockopt_old function in net/bluetooth/l2cap_sock.c and (2) the rfcomm_sock_getsockopt_old function in net/bluetooth/rfcomm/sock.c.
Affected products
10cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*+ 4 more
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*range: <3.0
- cpe:2.3:o:linux:linux_kernel:3.0:-:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:3.0:rc1:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:3.0:rc2:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:3.0:rc3:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_aus:5.6:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_eus:5.6:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
8- www.openwall.com/lists/oss-security/2011/06/24/2nvdMailing ListPatchThird Party Advisory
- www.openwall.com/lists/oss-security/2011/06/24/3nvdMailing ListPatchThird Party Advisory
- bugzilla.redhat.com/show_bug.cginvdIssue TrackingPatchThird Party Advisory
- marc.infonvdThird Party Advisory
- rhn.redhat.com/errata/RHSA-2011-0927.htmlnvdThird Party Advisory
- securitytracker.com/idnvdThird Party AdvisoryVDB Entry
- permalink.gmane.org/gmane.linux.bluez.kernel/12909nvdBroken Link
- www.kernel.org/pub/linux/kernel/v3.0/testing/ChangeLog-3.0-rc4nvdBroken Link
News mentions
0No linked articles in our index yet.