Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

CVE-2011-4916

Published: 12 July 2022

Linux kernel through 3.1 allows local users to obtain sensitive keystroke information via access to /dev/pts/ and /dev/tty*.

Notes

AuthorNote
apw
kernel side this is likely fixed by the commits below, we likely either
also need a local patch to change defaults or userspace work to ensure
appropriate mount options:
0499680a42141d86417a8fbaa8c8db806bea1201
a2ef990ab5a6705a356d146dd773a3b359787497
They also need some chmoding.  But basically upstream says
that we have what we needed for these.

Priority

Low

Cvss 3 Severity Score

5.5

Score breakdown

Status

Package Release Status
linux
Launchpad, Ubuntu, Debian
hardy Ignored
(end of life)
lucid Ignored
(end of life)
maverick Ignored
(end of life)
natty Ignored
(end of life)
oneiric Ignored
(end of life)
precise Ignored
(end of life)
quantal Ignored
(end of life)
raring Ignored
(end of life)
saucy Ignored
(end of life)
trusty Ignored
(upstream determined we have sufficient facilities already)
upstream Ignored
(upstream determined we have sufficient facilities already)
linux-armadaxp
Launchpad, Ubuntu, Debian
hardy Does not exist

lucid Does not exist

natty Does not exist

oneiric Does not exist

precise Ignored
(end of life)
quantal Ignored
(end of life)
raring Does not exist

saucy Does not exist

trusty Does not exist

upstream Ignored
(upstream determined we have sufficient facilities already)
This package is not directly supported by the Ubuntu Security Team
linux-ec2
Launchpad, Ubuntu, Debian
hardy Does not exist

lucid Ignored
(end of life)
maverick Ignored
(end of life)
natty Does not exist

oneiric Does not exist

precise Does not exist

quantal Does not exist

raring Does not exist

saucy Does not exist

trusty Does not exist

upstream Ignored
(upstream determined we have sufficient facilities already)
linux-flo
Launchpad, Ubuntu, Debian
lucid Does not exist

precise Does not exist

quantal Does not exist

saucy Does not exist

trusty Does not exist
(trusty was ignored [upstream determined we have sufficient facilities already])
upstream Ignored
(upstream determined we have sufficient facilities already)
linux-fsl-imx51
Launchpad, Ubuntu, Debian
hardy Does not exist

lucid Ignored
(end of life)
maverick Does not exist

natty Does not exist

oneiric Does not exist

precise Does not exist

quantal Does not exist

raring Does not exist

saucy Does not exist

trusty Does not exist

upstream Ignored
(upstream determined we have sufficient facilities already)
linux-goldfish
Launchpad, Ubuntu, Debian
lucid Does not exist

precise Does not exist

quantal Does not exist

saucy Ignored

trusty Does not exist
(trusty was ignored [upstream determined we have sufficient facilities already])
upstream Ignored
(upstream determined we have sufficient facilities already)
linux-grouper
Launchpad, Ubuntu, Debian
lucid Does not exist

precise Does not exist

quantal Does not exist

saucy Ignored

trusty Does not exist
(trusty was ignored [upstream determined we have sufficient facilities already])
upstream Ignored
(upstream determined we have sufficient facilities already)
linux-lts-backport-maverick
Launchpad, Ubuntu, Debian
hardy Does not exist

lucid Ignored
(end of life)
maverick Does not exist

natty Does not exist

oneiric Does not exist

precise Does not exist

quantal Does not exist

raring Does not exist

saucy Does not exist

trusty Does not exist

upstream Ignored
(upstream determined we have sufficient facilities already)
linux-lts-backport-natty
Launchpad, Ubuntu, Debian
hardy Does not exist

lucid Ignored
(end of life)
maverick Does not exist

natty Does not exist

oneiric Does not exist

precise Does not exist

quantal Does not exist

raring Does not exist

saucy Does not exist

trusty Does not exist

upstream Ignored
(upstream determined we have sufficient facilities already)
linux-lts-backport-oneiric
Launchpad, Ubuntu, Debian
hardy Does not exist

lucid Ignored
(end of life)
maverick Does not exist

natty Does not exist

oneiric Does not exist

precise Does not exist

quantal Does not exist

raring Does not exist

saucy Does not exist

trusty Does not exist

upstream Ignored
(upstream determined we have sufficient facilities already)
linux-lts-quantal
Launchpad, Ubuntu, Debian
hardy Does not exist

lucid Does not exist

oneiric Does not exist

precise Ignored
(end of life)
quantal Does not exist

raring Does not exist

saucy Does not exist

trusty Does not exist

upstream Does not exist

linux-lts-raring
Launchpad, Ubuntu, Debian
hardy Does not exist

lucid Does not exist

oneiric Does not exist

precise Ignored
(end of life)
quantal Does not exist

raring Does not exist

saucy Does not exist

trusty Does not exist

upstream Ignored
(upstream determined we have sufficient facilities already)
linux-lts-saucy
Launchpad, Ubuntu, Debian
lucid Does not exist

precise Ignored
(end of life)
quantal Does not exist

raring Does not exist

saucy Does not exist

trusty Does not exist

upstream Ignored
(upstream determined we have sufficient facilities already)
linux-maguro
Launchpad, Ubuntu, Debian
lucid Does not exist

precise Does not exist

quantal Does not exist

saucy Ignored

trusty Does not exist
(trusty was ignored [upstream determined we have sufficient facilities already])
upstream Ignored
(upstream determined we have sufficient facilities already)
linux-mako
Launchpad, Ubuntu, Debian
lucid Does not exist

precise Does not exist

quantal Does not exist

saucy Ignored

trusty Does not exist
(trusty was ignored [upstream determined we have sufficient facilities already])
upstream Ignored
(upstream determined we have sufficient facilities already)
linux-manta
Launchpad, Ubuntu, Debian
lucid Does not exist

precise Does not exist

quantal Does not exist

saucy Ignored

trusty Does not exist
(trusty was ignored [upstream determined we have sufficient facilities already])
upstream Ignored
(upstream determined we have sufficient facilities already)
linux-mvl-dove
Launchpad, Ubuntu, Debian
hardy Does not exist

lucid Ignored
(end of life)
maverick Ignored
(end of life)
natty Does not exist

oneiric Does not exist

precise Does not exist

quantal Does not exist

raring Does not exist

saucy Does not exist

trusty Does not exist

upstream Ignored
(upstream determined we have sufficient facilities already)
linux-ti-omap4
Launchpad, Ubuntu, Debian
hardy Does not exist

lucid Does not exist

maverick Ignored
(end of life)
natty Ignored
(end of life)
oneiric Ignored
(end of life)
precise Ignored
(end of life)
quantal Ignored
(end of life)
raring Ignored
(end of life)
saucy Ignored
(end of life)
trusty Does not exist

upstream Ignored
(upstream determined we have sufficient facilities already)

Severity score breakdown

Parameter Value
Base score 5.5
Attack vector Local
Attack complexity Low
Privileges required Low
User interaction None
Scope Unchanged
Confidentiality High
Integrity impact None
Availability impact None
Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N