cbcvebase.
CVE-2011-2471
published 2011-06-09

CVE-2011-2471: utils/opcontrol in OProfile 0.9.6 and earlier might allow local users to gain privileges via shell metacharacters in the (1) --vmlinux, (2) --session-dir, or…

PriorityP425high7.2CVSS 2.0
AVLACLAuNCCICAC
EPSS
0.48%
38.0th percentile
utils/opcontrol in OProfile 0.9.6 and earlier might allow local users to gain privileges via shell metacharacters in the (1) --vmlinux, (2) --session-dir, or (3) --xen argument, related to the daemonrc file and the do_save_setup and do_load_setup functions, a different vulnerability than CVE-2011-1760.

Affected

23 ranges
VendorProductVersion rangeFixed in
maynard_johnsonoprofile<= 0.9.6
maynard_johnsonoprofile
maynard_johnsonoprofile
maynard_johnsonoprofile
maynard_johnsonoprofile
maynard_johnsonoprofile
maynard_johnsonoprofile
maynard_johnsonoprofile
maynard_johnsonoprofile
maynard_johnsonoprofile
maynard_johnsonoprofile
maynard_johnsonoprofile
maynard_johnsonoprofile
maynard_johnsonoprofile
maynard_johnsonoprofile
maynard_johnsonoprofile
maynard_johnsonoprofile
maynard_johnsonoprofile
maynard_johnsonoprofile
maynard_johnsonoprofile
maynard_johnsonoprofile
maynard_johnsonoprofile
maynard_johnsonoprofile

CVSS provenance

nvdv2.07.2HIGHAV:L/AC:L/Au:N/C:C/I:C/A:C
vendor_redhat7.2HIGH
vendor_ubuntu7.2HIGH
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.