CVE-2011-2471

Priority
Medium
Description
utils/opcontrol in OProfile 0.9.6 and earlier might allow local users to
gain privileges via shell metacharacters in the (1) --vmlinux, (2)
--session-dir, or (3) --xen argument, related to the daemonrc file and the
do_save_setup and do_load_setup functions, a different vulnerability than
CVE-2011-1760.
References
Bugs
Assigned-to
jdstrand
Package
Upstream:released (0.9.6-1.2)
Ubuntu 8.04 LTS (Hardy Heron):ignored (reached end-of-life)
Ubuntu 10.04 LTS (Lucid Lynx):released (0.9.6-1ubuntu4.4)
Ubuntu 11.04 (Natty Narwhal):released (0.9.6-1.1ubuntu2.1)
Ubuntu 11.10 (Oneiric Ocelot):released (0.9.6-1.3ubuntu1)
More Information

Valid XHTML 1.0 Strict

Updated: 2012-06-01 15:22:12 UTC (commit 5347)