Unrated severityNVD Advisory· Published Jun 13, 2012· Updated Jun 16, 2026
CVE-2011-2495
CVE-2011-2495
Description
fs/proc/base.c in the Linux kernel before 2.6.39.4 does not properly restrict access to /proc/#####/io files, which allows local users to obtain sensitive I/O statistics by polling a file, as demonstrated by discovering the length of another user's password.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
12cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*+ 11 more
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*range: <=2.6.39.3
- cpe:2.3:o:linux:linux_kernel:2.6.39:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:2.6.39.1:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:2.6.39.2:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:2.6.39:rc1:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:2.6.39:rc2:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:2.6.39:rc3:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:2.6.39:rc4:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:2.6.39:rc5:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:2.6.39:rc6:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:2.6.39:rc7:*:*:*:*:*:*
- (no CPE)range: <2.6.39.4
Patches
Vulnerability mechanics
References
6News mentions
0No linked articles in our index yet.