CVE-2011-2472

Priority
Description
Directory traversal vulnerability in utils/opcontrol in OProfile 0.9.6 and
earlier might allow local users to overwrite arbitrary files via a .. (dot
dot) in the --save argument, related to the --session-dir argument, a
different vulnerability than CVE-2011-1760.
Assigned-to
jdstrand
Notes
jdstrandthis is reverted in later patches and needs an additional patch:
http://www.openwall.com/lists/oss-security/2011/07/07/6
Package
Upstream:needed
More Information

Updated: 2019-12-05 20:57:18 UTC (commit 0aa5e7c87c8b55d2ec5c7f4ca1179cf75de91961)