CVE-2011-2495 (retired)

Priority
Description
fs/proc/base.c in the Linux kernel before 2.6.39.4 does not properly
restrict access to /proc/#####/io files, which allows local users to obtain
sensitive I/O statistics by polling a file, as demonstrated by discovering
the length of another user's password.
Ubuntu-Description
Vasiliy Kulikov discovered that /proc/PID/io did not enforce access
restrictions. A local attacker could exploit this to read certain
information, leading to a loss of privacy.
Package
Upstream:released (3.1~rc1)
Package
Upstream:released (3.1~rc1)
Package
Upstream:released (3.1~rc1)
Package
Upstream:released (3.1~rc1)
Package
Upstream:released (3.1~rc1)
Package
Upstream:released (3.1~rc1)
Package
Upstream:released (3.1~rc1)
More Information

Updated: 2019-03-26 11:57:10 UTC (commit ccdecfcf0fead22bd291e5f4ea745a46872dcb15)