utils/opcontrol in OProfile 0.9.6 and earlier might allow local users to gain privileges via shell metacharacters in the (1) –vmlinux, (2) –session-dir, or (3) –xen argument, related to the daemonrc file and the do_save_setup and do_load_setup functions, a different vulnerability than CVE-2011-1760.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Oprofile | Maynard_johnson | * | 0.9.6 (including) |
| Oprofile | Maynard_johnson | 0.1 (including) | 0.1 (including) |
| Oprofile | Maynard_johnson | 0.2 (including) | 0.2 (including) |
| Oprofile | Maynard_johnson | 0.3 (including) | 0.3 (including) |
| Oprofile | Maynard_johnson | 0.4 (including) | 0.4 (including) |
| Oprofile | Maynard_johnson | 0.5 (including) | 0.5 (including) |
| Oprofile | Maynard_johnson | 0.5.1 (including) | 0.5.1 (including) |
| Oprofile | Maynard_johnson | 0.5.2 (including) | 0.5.2 (including) |
| Oprofile | Maynard_johnson | 0.5.3 (including) | 0.5.3 (including) |
| Oprofile | Maynard_johnson | 0.5.4 (including) | 0.5.4 (including) |
| Oprofile | Maynard_johnson | 0.6 (including) | 0.6 (including) |
| Oprofile | Maynard_johnson | 0.6.1 (including) | 0.6.1 (including) |
| Oprofile | Maynard_johnson | 0.7 (including) | 0.7 (including) |
| Oprofile | Maynard_johnson | 0.7.1 (including) | 0.7.1 (including) |
| Oprofile | Maynard_johnson | 0.8 (including) | 0.8 (including) |
| Oprofile | Maynard_johnson | 0.8.1 (including) | 0.8.1 (including) |
| Oprofile | Maynard_johnson | 0.8.2 (including) | 0.8.2 (including) |
| Oprofile | Maynard_johnson | 0.9 (including) | 0.9 (including) |
| Oprofile | Maynard_johnson | 0.9.1 (including) | 0.9.1 (including) |
| Oprofile | Maynard_johnson | 0.9.2 (including) | 0.9.2 (including) |
| Oprofile | Maynard_johnson | 0.9.3 (including) | 0.9.3 (including) |
| Oprofile | Maynard_johnson | 0.9.4 (including) | 0.9.4 (including) |
| Oprofile | Maynard_johnson | 0.9.5 (including) | 0.9.5 (including) |