VYPR
Medium severity5.9NVD Advisory· Published Jun 8, 2018· Updated Jun 16, 2026

CVE-2011-4190

CVE-2011-4190

Description

The kdump implementation is missing the host key verification in the kdump and mkdumprd OpenSSH integration of kdump prior to version 2012-01-20. This is similar to CVE-2011-3588, but different in that the kdump implementation is specific to SUSE. A remote malicious kdump server could use this flaw to impersonate the correct kdump server to obtain security sensitive information (kdump core files).

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • SUSE S.A./kdumpllm-fuzzy2 versions
    <2012-01-20+ 1 more
    • (no CPE)range: <2012-01-20
    • (no CPE)range: unspecified

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.