Medium severity6.0NVD Advisory· Published May 24, 2012· Updated Apr 29, 2026

CVE-2011-2707

Description

The ptrace_setxregs function in arch/xtensa/kernel/ptrace.c in the Linux kernel before 3.1 does not validate user-space pointers, which allows local users to obtain sensitive information from kernel memory locations via a crafted PTRACE_SETXTREGS request.

Affected products

Linux/Kernel
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Range: <3.1

Patches

0d0138ebe24b

xtensa: prevent arbitrary read in ptrace

https://github.com/torvalds/linuxDan RosenbergJul 26, 2011via nvd-ref

commit

1 file changed · +3 −0

arch/xtensa/kernel/ptrace.c+3 −0 modified

@@ -147,6 +147,9 @@ int ptrace_setxregs(struct task_struct *child, void __user *uregs)
 	elf_xtregs_t *xtregs = uregs;
 	int ret = 0;
 
+	if (!access_ok(VERIFY_READ, uregs, sizeof(elf_xtregs_t)))
+		return -EFAULT;
+
 #if XTENSA_HAVE_COPROCESSORS
 	/* Flush all coprocessors before we overwrite them. */
 	coprocessor_flush_all(ti);

Vulnerability mechanics

Synthesis attempt was rejected by the grounding validator. Re-run pending.

References

www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.1nvdMailing ListPatchVendor Advisory
github.com/torvalds/linux/commit/0d0138ebe24b94065580bd2601f8bb7eb6152f56nvdPatchThird Party Advisory
www.openwall.com/lists/oss-security/2011/07/20/18nvdMailing ListThird Party Advisory

News mentions

No linked articles in our index yet.

cvss	0.390
epss	0.000
exploit	0.000
kev	0.000
patch	-0.070
ransomware	0.000