Unrated severityNVD Advisory· Published Apr 22, 2019· Updated Sep 16, 2024

SELinux initscript misuse of touch

CVE-2011-3151

Description

The Ubuntu SELinux initscript before version 1:0.10 used touch to create a lockfile in a world-writable directory. If the OS kernel does not have symlink protections then an attacker can cause a zero byte file to be allocated on any writable filesystem.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

Ubuntu/SELinux initscriptllm-create
Range: <1:0.10

Patches

Vulnerability mechanics

References

launchpadlibrarian.net/88098106/selinux_0.10~10.04.1.debdiffmitrex_refsource_MISC

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000