Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2012-1090

Опубликовано: 23 фев. 2012
Источник: redhat
CVSS2: 5.7
EPSS Низкий

Описание

The cifs_lookup function in fs/cifs/dir.c in the Linux kernel before 3.2.10 allows local users to cause a denial of service (OOPS) via attempted access to a special file, as demonstrated by a FIFO.

Отчет

This issue did not affect the Linux kernel as shipped with Red Hat Enterprise Linux 4 and 5 as they did not backport the commit a6ce4932fbdbcd8f8e8c6df76812014351c32892 that introduced this issue. This issue did not affect the Linux kernel as shipped with Red Hat Enterprise MRG 2. This has been addressed in Red Hat Enterprise Linux 6 via https://rhn.redhat.com/errata/RHSA-2012-0481.html.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 4kernelNot affected
Red Hat Enterprise Linux 5kernelNot affected
Red Hat Enterprise MRG 2realtime-kernelAffected
Red Hat Enterprise Linux 6kernelFixedRHSA-2012:048117.04.2012

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
https://bugzilla.redhat.com/show_bug.cgi?id=798293kernel: cifs: dentry refcount leak when opening a FIFO on lookup leads to panic on unmount

EPSS

Процентиль: 19%
0.00061
Низкий

5.7 Medium

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2012-1090

CVSS3: 5.5
ubuntu
больше 13 лет назад

The cifs_lookup function in fs/cifs/dir.c in the Linux kernel before 3.2.10 allows local users to cause a denial of service (OOPS) via attempted access to a special file, as demonstrated by a FIFO. "The cifs code will attempt to open files on lookup under certain circumstances. What happens though if we find that the file we opened was actually a FIFO or other special file? Currently, the open filehandle just ends up being leaked leading to a dentry refcount mismatch and oops on umount."

nvd логотип

CVE-2012-1090

CVSS3: 5.5
nvd
больше 13 лет назад

The cifs_lookup function in fs/cifs/dir.c in the Linux kernel before 3.2.10 allows local users to cause a denial of service (OOPS) via attempted access to a special file, as demonstrated by a FIFO.

debian логотип

CVE-2012-1090

CVSS3: 5.5
debian
больше 13 лет назад

The cifs_lookup function in fs/cifs/dir.c in the Linux kernel before 3 ...

github логотип

GHSA-gjf7-w4hh-3pcg

CVSS3: 5.5
github
больше 3 лет назад

The cifs_lookup function in fs/cifs/dir.c in the Linux kernel before 3.2.10 allows local users to cause a denial of service (OOPS) via attempted access to a special file, as demonstrated by a FIFO.

oracle-oval логотип

ELSA-2012-2008

oracle-oval
больше 13 лет назад

ELSA-2012-2008: Unbreakable Enterprise kernel security and bug fix update (MODERATE)

EPSS

Процентиль: 19%
0.00061
Низкий

5.7 Medium

CVSS2