VYPR
Unrated severityNVD Advisory· Published Jun 13, 2012· Updated Jun 16, 2026

CVE-2011-2495

CVE-2011-2495

Description

fs/proc/base.c in the Linux kernel before 2.6.39.4 does not properly restrict access to /proc/#####/io files, which allows local users to obtain sensitive I/O statistics by polling a file, as demonstrated by discovering the length of another user's password.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

12
  • Linux/Kernel12 versions
    cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*+ 11 more
    • cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*range: <=2.6.39.3
    • cpe:2.3:o:linux:linux_kernel:2.6.39:*:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:2.6.39.1:*:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:2.6.39.2:*:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:2.6.39:rc1:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:2.6.39:rc2:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:2.6.39:rc3:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:2.6.39:rc4:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:2.6.39:rc5:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:2.6.39:rc6:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:2.6.39:rc7:*:*:*:*:*:*
    • (no CPE)range: <2.6.39.4

Patches

Vulnerability mechanics

References

6

News mentions

0

No linked articles in our index yet.