Common Vulnerabilities and Exposures assigned an identifier CVE-2011-2471 to the following vulnerability: Name: CVE-2011-2471 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2471 Assigned: 20110609 Reference: URL:http://openwall.com/lists/oss-security/2011/05/03/1 Reference: URL:http://openwall.com/lists/oss-security/2011/05/10/6 Reference: URL:http://openwall.com/lists/oss-security/2011/05/10/7 Reference: URL:http://openwall.com/lists/oss-security/2011/05/11/1 Reference: CONFIRM:http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=624212 Reference: CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=700883 Reference: DEBIAN:DSA-2254 Reference: URL:http://www.debian.org/security/2011/dsa-2254 utils/opcontrol in OProfile 0.9.6 and earlier might allow local users to gain privileges via shell metacharacters in the (1) --vmlinux, (2) --session-dir, or (3) --xen argument, related to the daemonrc file and the do_save_setup and do_load_setup functions, a different vulnerability than CVE-2011-1760.
Statement: Red Hat currently does not plan to address this issue. For details refer to: https://bugzilla.redhat.com/show_bug.cgi?id=700883#c18