CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2011-3151

The Ubuntu SELinux initscript before version 1:0.10 used touch to create a lockfile in a world-writable directory. If the OS kernel does not have symlink protections then an attacker can cause a zero byte file to be allocated on any writable filesystem.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 37.9%

CVSS Severity

CVSS v3 Score 5.2

CVSS v2 Score 5.8

References

https://launchpadlibrarian.net/88098106/selinux_0.10~10.04.1.debdiff
https://launchpadlibrarian.net/88098106/selinux_0.10~10.04.1.debdiff

Products affected by CVE-2011-3151

Canonical » Selinux » Version: Any

cpe:2.3:a:canonical:selinux:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2011-3151

Products

Pricing

Contact Us