cbcvebase.
CVE-2011-1479
published 2012-06-21

CVE-2011-1479: Double free vulnerability in the inotify subsystem in the Linux kernel before 2.6.39 allows local users to cause a denial of service (system crash) via vectors…

PriorityP417medium4.7CVSS 2.0
AVLACMAuNCNINAC
EXPLOIT
EPSS
0.80%
52.1th percentile
Double free vulnerability in the inotify subsystem in the Linux kernel before 2.6.39 allows local users to cause a denial of service (system crash) via vectors involving failed attempts to create files. NOTE: this vulnerability exists because of an incorrect fix for CVE-2010-4250.

Affected

9 ranges
VendorProductVersion rangeFixed in
linuxlinux_kernel<= 2.6.38.8
linuxlinux_kernel
linuxlinux_kernel
linuxlinux_kernel
linuxlinux_kernel
linuxlinux_kernel
linuxlinux_kernel
linuxlinux_kernel
linuxlinux_kernel

CVSS provenance

nvdv2.04.7MEDIUMAV:L/AC:M/Au:N/C:N/I:N/A:C
vendor_redhat4.9MEDIUM
vendor_ubuntu4.9MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.