CVE-2011-0006

Published: 6/21/2012 Last updated: 8/6/2024 Reserved: 12/7/2010

The ima_lsm_rule_init function in security/integrity/ima/ima_policy.c in the Linux kernel before 2.6.37, when the Linux Security Modules (LSM) framework is disabled, allows local users to bypass Integrity Measurement Architecture (IMA) rules in opportunistic circumstances by leveraging an administrator's addition of an IMA rule for LSM.

CNA assigner: redhat (53f830b8-0a3f-465b-8143-3b8a9948e749) Requested by: n/a

Opam packages affected (27)

albatross cdrom conf-bpftool conf-libbpf conf-linux-libc-dev core core_unix hvsock mirage-block-unix mm ocaml-probes orun rawlink rawlink-eio rawlink-lwt shell solo5 solo5-bindings-hvt solo5-bindings-spt solo5-cross-aarch64 solo5-kernel-ukvm tracy-client tuntap uring vhd-format vhd-format-lwt xapi-stdext-unix

Products affected (1)

Product	Vendor	Version
n/a	n/a	Version 1709 for ARM64-based Systems

References (10)

http://www.openwall.com/lists/oss-security/2011/01/06/18
https://bugzilla.redhat.com/show_bug.cgi?id=667912
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=867c20265459d30a01b021a9c1e81fb4c5832aa9
http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.37
https://github.com/torvalds/linux/commit/867c20265459d30a01b021a9c1e81fb4c5832aa9
http://www.openwall.com/lists/oss-security/2011/01/06/18
https://bugzilla.redhat.com/show_bug.cgi?id=667912
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=867c20265459d30a01b021a9c1e81fb4c5832aa9
http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.37
https://github.com/torvalds/linux/commit/867c20265459d30a01b021a9c1e81fb4c5832aa9