CVE-2011-3590

Published: Feb 15, 2014Modified: Apr 29, 2026

5.7

Vector

AV:A/AC:M/Au:N/C:C/I:N/A:N

Exploitability: 5.5 / Impact: 6.9

Source: NVD

Description

The Red Hat mkdumprd script for kexec-tools, as distributed in the kexec-tools 1.x before 1.102pre-154 and 2.x before 2.0.0-209 packages in Red Hat Enterprise Linux, includes all of root's SSH private keys within a vmcore file, which allows context-dependent attackers to obtain sensitive information by inspecting the file content.

Affected (2)

Products: Redhat: Kexec Tools

1 product

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Redhat Kexec Tools	Up to 1.102pre-126
Redhat Kexec Tools	Up to 2.0.0-188

Related CWEs

References (6)

http://rhn.redhat.com/errata/RHSA-2011-1532.html

Source: secalert@redhat.com

http://rhn.redhat.com/errata/RHSA-2012-0152.html

Source: secalert@redhat.com

https://bugzilla.redhat.com/show_bug.cgi?id=716439

Source: secalert@redhat.com

Vendor Advisory

http://rhn.redhat.com/errata/RHSA-2011-1532.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://rhn.redhat.com/errata/RHSA-2012-0152.html

Source: af854a3a-2127-422b-91ae-364da2661108

https://bugzilla.redhat.com/show_bug.cgi?id=716439

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.