Upstream information

CVE-2011-2492 at MITRE

Description

The bluetooth subsystem in the Linux kernel before 3.0-rc4 does not properly initialize certain data structures, which allows local users to obtain potentially sensitive information from kernel memory via a crafted getsockopt system call, related to (1) the l2cap_sock_getsockopt_old function in net/bluetooth/l2cap_sock.c and (2) the rfcomm_sock_getsockopt_old function in net/bluetooth/rfcomm/sock.c.

SUSE information

CVSS v2 Scores
  National Vulnerability Database
Base Score 1.85
Vector AV:L/AC:M/Au:N/C:P/I:N/A:N
Access Vector Local
Access Complexity Medium
Authentication None
Confidentiality Impact Partial
Integrity Impact None
Availability Impact None
SUSE Bugzilla entry: 702014 [RESOLVED / NORESPONSE]

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
SUSE Linux Enterprise Server 10 SP3 LTSS for IBM zSeries 64bit
  • kernel-default >= 2.6.16.60-0.113.1
  • kernel-source >= 2.6.16.60-0.113.1
  • kernel-syms >= 2.6.16.60-0.113.1
Builds
ZYPP Patch Nr: 8755
SUSE Linux Enterprise Server 10 SP3 LTSS for AMD64 and Intel EM64T
  • kernel-debug >= 2.6.16.60-0.113.1
  • kernel-default >= 2.6.16.60-0.113.1
  • kernel-kdump >= 2.6.16.60-0.113.1
  • kernel-smp >= 2.6.16.60-0.113.1
  • kernel-source >= 2.6.16.60-0.113.1
  • kernel-syms >= 2.6.16.60-0.113.1
  • kernel-xen >= 2.6.16.60-0.113.1
Builds
ZYPP Patch Nr: 8756
SUSE Linux Enterprise Server 10 SP4 LTSS for IBM zSeries 64bit
  • kernel-default >= 2.6.16.60-0.105.1
  • kernel-source >= 2.6.16.60-0.105.1
  • kernel-syms >= 2.6.16.60-0.105.1
Builds
ZYPP Patch Nr: 8816
SUSE Linux Enterprise Server 10 SP4 LTSS for AMD64 and Intel EM64T
  • kernel-debug >= 2.6.16.60-0.105.1
  • kernel-default >= 2.6.16.60-0.105.1
  • kernel-kdump >= 2.6.16.60-0.105.1
  • kernel-smp >= 2.6.16.60-0.105.1
  • kernel-source >= 2.6.16.60-0.105.1
  • kernel-syms >= 2.6.16.60-0.105.1
  • kernel-xen >= 2.6.16.60-0.105.1
Builds
ZYPP Patch Nr: 8818
SUSE Linux Enterprise Server 10 SP4 LTSS for x86
  • kernel-bigsmp >= 2.6.16.60-0.105.1
  • kernel-debug >= 2.6.16.60-0.105.1
  • kernel-default >= 2.6.16.60-0.105.1
  • kernel-kdump >= 2.6.16.60-0.105.1
  • kernel-kdumppae >= 2.6.16.60-0.105.1
  • kernel-smp >= 2.6.16.60-0.105.1
  • kernel-source >= 2.6.16.60-0.105.1
  • kernel-syms >= 2.6.16.60-0.105.1
  • kernel-vmi >= 2.6.16.60-0.105.1
  • kernel-vmipae >= 2.6.16.60-0.105.1
  • kernel-xen >= 2.6.16.60-0.105.1
  • kernel-xenpae >= 2.6.16.60-0.105.1
Builds
ZYPP Patch Nr: 8817
SUSE Linux Enterprise Server 10 SP3 LTSS for x86
  • kernel-bigsmp >= 2.6.16.60-0.113.1
  • kernel-debug >= 2.6.16.60-0.113.1
  • kernel-default >= 2.6.16.60-0.113.1
  • kernel-kdump >= 2.6.16.60-0.113.1
  • kernel-kdumppae >= 2.6.16.60-0.113.1
  • kernel-smp >= 2.6.16.60-0.113.1
  • kernel-source >= 2.6.16.60-0.113.1
  • kernel-syms >= 2.6.16.60-0.113.1
  • kernel-vmi >= 2.6.16.60-0.113.1
  • kernel-vmipae >= 2.6.16.60-0.113.1
  • kernel-xen >= 2.6.16.60-0.113.1
  • kernel-xenpae >= 2.6.16.60-0.113.1
Builds
ZYPP Patch Nr: 8754