CVE-2012-1090

Опубликовано: 17 мая 2012

Источник: nvd

CVSS3: 5.5

CVSS2: 4.9

EPSS Низкий

Описание

The cifs_lookup function in fs/cifs/dir.c in the Linux kernel before 3.2.10 allows local users to cause a denial of service (OOPS) via attempted access to a special file, as demonstrated by a FIFO.

Ссылки

http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00021.html
Mailing List
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00013.html
Mailing List
Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2012-0481.html
Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2012-0531.html
Third Party Advisory
http://secunia.com/advisories/48842
Broken Link
http://secunia.com/advisories/48964
Broken Link
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.10
Mailing List
Patch
Vendor Advisory
http://www.openwall.com/lists/oss-security/2012/02/28/4
Mailing List
Patch
Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=798293
Issue Tracking
Patch
Third Party Advisory
https://github.com/torvalds/linux/commit/88d7d4e4a439f32acc56a6d860e415ee71d3df08
Patch
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00021.html
Mailing List
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00013.html
Mailing List
Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2012-0481.html
Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2012-0531.html
Third Party Advisory
http://secunia.com/advisories/48842
Broken Link
http://secunia.com/advisories/48964
Broken Link
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.10
Mailing List
Patch
Vendor Advisory
http://www.openwall.com/lists/oss-security/2012/02/28/4
Mailing List
Patch
Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=798293
Issue Tracking
Patch
Third Party Advisory
https://github.com/torvalds/linux/commit/88d7d4e4a439f32acc56a6d860e415ee71d3df08
Patch
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия до 3.2.10 (исключая)

Конфигурация 2

cpe:2.3:o:redhat:enterprise_mrg:2.0:*:*:*:*:*:*:*

Конфигурация 3

Одно из

cpe:2.3:o:suse:linux_enterprise_desktop:11:sp1:*:*:*:*:*:*

cpe:2.3:o:suse:linux_enterprise_desktop:11:sp2:*:*:*:*:*:*

cpe:2.3:o:suse:linux_enterprise_high_availability_extension:11:sp1:*:*:*:*:*:*

cpe:2.3:o:suse:linux_enterprise_high_availability_extension:11:sp2:*:*:*:*:*:*

cpe:2.3:o:suse:linux_enterprise_server:11:sp1:*:*:*:*:*:*

cpe:2.3:o:suse:linux_enterprise_server:11:sp1:*:*:*:vmware:*:*

cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:*:vmware:*:*

cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:-:*:*:*

EPSS

Процентиль: 19%

0.00061

Низкий

5.5 Medium

CVSS3

4.9 Medium

CVSS2

Дефекты

CWE-20

Связанные уязвимости

CVE-2012-1090

CVSS3: 5.5

ubuntu

около 13 лет назад

The cifs_lookup function in fs/cifs/dir.c in the Linux kernel before 3.2.10 allows local users to cause a denial of service (OOPS) via attempted access to a special file, as demonstrated by a FIFO.

CVE-2012-1090

redhat

больше 13 лет назад

The cifs_lookup function in fs/cifs/dir.c in the Linux kernel before 3.2.10 allows local users to cause a denial of service (OOPS) via attempted access to a special file, as demonstrated by a FIFO.

CVE-2012-1090

CVSS3: 5.5

debian

около 13 лет назад

The cifs_lookup function in fs/cifs/dir.c in the Linux kernel before 3 ...

GHSA-gjf7-w4hh-3pcg

CVSS3: 5.5

github

около 3 лет назад

The cifs_lookup function in fs/cifs/dir.c in the Linux kernel before 3.2.10 allows local users to cause a denial of service (OOPS) via attempted access to a special file, as demonstrated by a FIFO.

ELSA-2012-2008

oracle-oval

около 13 лет назад

ELSA-2012-2008: Unbreakable Enterprise kernel security and bug fix update (MODERATE)

EPSS

Процентиль: 19%

0.00061

Низкий

5.5 Medium

CVSS3

4.9 Medium

CVSS2

Дефекты

CWE-20