Candidate: CVE-2011-1495
Description: information disclosure in mpt2ctl
References:
 jmm> http://marc.info/?l=linux-scsi&m=130202237006310&w=2
 jmm> The /dev file is owned by root as standard, so shouldn't be an issue
 jmm> for sane installations
 jmm> no upstream fix as of 2011-04-18
Notes:
Bugs:
upstream: released (2.6.39-rc6) [a1f74ae82d133ebb2aabb19d181944b4e83e9960]
2.6.32-upstream-stable: released (2.6.32.40)
sid: released (2.6.38-5)
2.6.26-lenny-security: N/A "code not present"
2.6.32-squeeze-security: released (2.6.32-34) [bugfix/all/mpt2sas-prevent-heap-overflows-and-unchecked-reads.patch]