CVE-2011-4916

Name of the Vulnerable Software and Affected Versions Linux kernel versions through 3.1

Description The issue allows local users to obtain sensitive keystroke information via access to /dev/pts/ and /dev/tty*. This is related to a component of the Linux kernel that is associated with information disclosure. Exploitation of this issue may allow an attacker to gain unauthorized access to protected information.

Recommendations For Linux kernel versions through 3.1, consider restricting access to /dev/pts/ and /dev/tty* to minimize the risk of exploitation. As a temporary workaround, limit local user access to sensitive information until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.