CVE-2012-6704

Опубликовано: 28 дек. 2016

Источник: ubuntu

Приоритет: low

EPSS Низкий

CVSS2: 7.2

CVSS3: 7.8

Описание

The sock_setsockopt function in net/core/sock.c in the Linux kernel before 3.5 mishandles negative values of sk_sndbuf and sk_rcvbuf, which allows local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact by leveraging the CAP_NET_ADMIN capability for a crafted setsockopt system call with the (1) SO_SNDBUF or (2) SO_RCVBUF option.

Релиз	Статус	Примечание
devel	not-affected	4.10.0-19.21
esm-infra-legacy/trusty	not-affected	3.11.0-12.19
esm-infra/xenial	not-affected	4.2.0-16.19
precise	ignored	end of life
precise/esm	ignored	end of life, was needed
trusty	not-affected	3.11.0-12.19
trusty/esm	not-affected	3.11.0-12.19
upstream	released	3.5~rc1
vivid/stable-phone-overlay	DNE
vivid/ubuntu-core	not-affected	3.16.0-23.31

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	DNE
precise	ignored	end of life
precise/esm	DNE	precise was needed
trusty	DNE
trusty/esm	DNE
upstream	released	3.5~rc1
vivid/stable-phone-overlay	DNE
vivid/ubuntu-core	DNE
xenial	DNE

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	not-affected	4.4.0-1002.2
esm-infra/xenial	not-affected	4.4.0-1001.10
precise	DNE
precise/esm	DNE
trusty	not-affected	4.4.0-1002.2
trusty/esm	not-affected	4.4.0-1002.2
upstream	released	3.5~rc1
vivid/stable-phone-overlay	DNE
vivid/ubuntu-core	DNE

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-apps/xenial	DNE
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was ignored]
precise	DNE
precise/esm	DNE
trusty	ignored
trusty/esm	DNE	trusty was ignored
upstream	released	3.5~rc1
vivid/stable-phone-overlay	ignored	end of life
vivid/ubuntu-core	DNE

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	DNE
precise	DNE
precise/esm	DNE
trusty	DNE
trusty/esm	DNE
upstream	released	3.5~rc1
vivid/stable-phone-overlay	DNE
vivid/ubuntu-core	DNE
xenial	not-affected	4.4.0-1003.3

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-apps/xenial	DNE
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was ignored]
precise	DNE
precise/esm	DNE
trusty	ignored
trusty/esm	DNE	trusty was ignored
upstream	released	3.5~rc1
vivid/stable-phone-overlay	DNE
vivid/ubuntu-core	DNE

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was ignored]
precise	DNE
precise/esm	DNE
trusty	ignored
trusty/esm	DNE	trusty was ignored
upstream	released	3.5~rc1
vivid/stable-phone-overlay	DNE
vivid/ubuntu-core	DNE
xenial	DNE

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	DNE
esm-infra/xenial	not-affected	4.8.0-36.36~16.04.1
precise	DNE
precise/esm	DNE
trusty	DNE
trusty/esm	DNE
upstream	released	3.5~rc1
vivid/stable-phone-overlay	DNE
vivid/ubuntu-core	DNE

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	DNE
esm-infra/xenial	not-affected	4.8.0-36.36~16.04.1
precise	DNE
precise/esm	DNE
trusty	DNE
trusty/esm	DNE
upstream	released	3.5~rc1
vivid/stable-phone-overlay	DNE
vivid/ubuntu-core	DNE

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	DNE
precise	ignored	end of life
precise/esm	DNE	precise was ignored [abandoned]
trusty	DNE
trusty/esm	DNE
upstream	released	3.5~rc1
vivid/stable-phone-overlay	DNE
vivid/ubuntu-core	DNE
xenial	DNE

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	DNE
precise	ignored	end of life
precise/esm	DNE	precise was ignored [abandoned]
trusty	DNE
trusty/esm	DNE
upstream	released	3.5~rc1
vivid/stable-phone-overlay	DNE
vivid/ubuntu-core	DNE
xenial	DNE

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	DNE
precise	ignored	end of life
precise/esm	DNE	precise was ignored [abandoned]
trusty	DNE
trusty/esm	DNE
upstream	released	3.5~rc1
vivid/stable-phone-overlay	DNE
vivid/ubuntu-core	DNE
xenial	DNE

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	DNE
precise	ignored	end of life
precise/esm	ignored	end of life, was ignored
trusty	DNE
trusty/esm	DNE
upstream	released	3.5~rc1
vivid/stable-phone-overlay	DNE
vivid/ubuntu-core	DNE
xenial	DNE

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	DNE
precise	ignored	end of life
precise/esm	ignored	end of life, was ignored
trusty	DNE
trusty/esm	DNE
upstream	released	3.5~rc1
vivid/stable-phone-overlay	DNE
vivid/ubuntu-core	DNE
xenial	DNE

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	DNE
precise	ignored	end of life
precise/esm	ignored	end of life, was ignored
trusty	DNE
trusty/esm	DNE
upstream	released	3.5~rc1
vivid/stable-phone-overlay	DNE
vivid/ubuntu-core	DNE
xenial	DNE

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	DNE
precise	not-affected	3.13.0-24.46~precise1
precise/esm	not-affected	3.13.0-24.46~precise1
trusty	DNE
trusty/esm	DNE
upstream	released	3.5~rc1
vivid/stable-phone-overlay	DNE
vivid/ubuntu-core	DNE
xenial	DNE

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was ignored [end of standard support]]
precise	DNE
precise/esm	DNE
trusty	ignored	end of standard support
trusty/esm	DNE	trusty was ignored [end of standard support]
upstream	released	3.5~rc1
vivid/stable-phone-overlay	DNE
vivid/ubuntu-core	DNE
xenial	DNE

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was not-affected [3.19.0-18.18~14.04.1]]
precise	DNE
precise/esm	DNE
trusty	not-affected	3.19.0-18.18~14.04.1
trusty/esm	DNE	trusty was not-affected [3.19.0-18.18~14.04.1]
upstream	released	3.5~rc1
vivid/stable-phone-overlay	DNE
vivid/ubuntu-core	DNE
xenial	DNE

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was ignored [end of standard support]]
precise	DNE
precise/esm	DNE
trusty	ignored	end of standard support
trusty/esm	DNE	trusty was ignored [end of standard support]
upstream	released	3.5~rc1
vivid/stable-phone-overlay	DNE
vivid/ubuntu-core	DNE
xenial	DNE

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	not-affected	4.4.0-13.29~14.04.1
precise	DNE
precise/esm	DNE
trusty	not-affected	4.4.0-13.29~14.04.1
trusty/esm	not-affected	4.4.0-13.29~14.04.1
upstream	released	3.5~rc1
vivid/stable-phone-overlay	DNE
vivid/ubuntu-core	DNE
xenial	DNE

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was ignored]
precise	DNE
precise/esm	DNE
trusty	ignored
trusty/esm	DNE	trusty was ignored
upstream	released	3.5~rc1
vivid/stable-phone-overlay	DNE
vivid/ubuntu-core	DNE
xenial	DNE

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-apps/xenial	DNE
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was ignored]
precise	DNE
precise/esm	DNE
trusty	ignored
trusty/esm	DNE	trusty was ignored
upstream	released	3.5~rc1
vivid/stable-phone-overlay	ignored	end of life
vivid/ubuntu-core	DNE

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was ignored]
precise	DNE
precise/esm	DNE
trusty	ignored
trusty/esm	DNE	trusty was ignored
upstream	released	3.5~rc1
vivid/stable-phone-overlay	DNE
vivid/ubuntu-core	DNE
xenial	DNE

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	DNE
precise	ignored	end of life
precise/esm	DNE	precise was ignored [abandoned]
trusty	DNE
trusty/esm	DNE
upstream	released	3.5~rc1
vivid/stable-phone-overlay	DNE
vivid/ubuntu-core	DNE
xenial	DNE

Показывать по

Релиз	Статус	Примечание
devel	not-affected	4.10.0-1004.6
esm-infra-legacy/trusty	DNE
precise	DNE
precise/esm	DNE
trusty	DNE
trusty/esm	DNE
upstream	released	3.5~rc1
vivid/stable-phone-overlay	DNE
vivid/ubuntu-core	released	4.2.0-1014.21
xenial	not-affected	4.2.0-1013.19

Показывать по

Релиз	Статус	Примечание
devel	not-affected	4.4.0-1050.54
esm-infra-legacy/trusty	DNE
precise	DNE
precise/esm	DNE
trusty	DNE
trusty/esm	DNE
upstream	released	3.5~rc1
vivid/stable-phone-overlay	DNE
vivid/ubuntu-core	DNE
xenial	not-affected	4.4.0-1012.12

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	DNE
precise	ignored	end of life
precise/esm	DNE	precise was needed
trusty	DNE
trusty/esm	DNE
upstream	released	3.5~rc1
vivid/stable-phone-overlay	DNE
vivid/ubuntu-core	DNE
xenial	DNE

Показывать по

Ссылки на источники

EPSS

Процентиль: 17%

0.00054

Низкий

7.2 High

CVSS2

7.8 High

CVSS3

Связанные уязвимости

CVE-2012-6704

CVSS3: 6.7

redhat

почти 14 лет назад

CVE-2012-6704

CVSS3: 7.8

nvd

около 9 лет назад

CVE-2012-6704

CVSS3: 7.8

debian

около 9 лет назад

The sock_setsockopt function in net/core/sock.c in the Linux kernel be ...

GHSA-xqxm-8fx9-rwr3

CVSS3: 7.8

github

больше 3 лет назад

BDU:2017-01665

fstec

около 9 лет назад

Уязвимость функции sock_setsockopt ядра в net/core/sock.c операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании или оказать другое воздействие

EPSS

Процентиль: 17%

0.00054

Низкий

7.2 High

CVSS2

7.8 High

CVSS3

CVE-2012-6704

Описание

Пакет linux

Пакет linux-armadaxp

Пакет linux-aws

Пакет linux-flo

Пакет linux-gke

Пакет linux-goldfish

Пакет linux-grouper

Пакет linux-hwe

Пакет linux-hwe-edge

Пакет linux-linaro-omap

Пакет linux-linaro-shared

Пакет linux-linaro-vexpress

Пакет linux-lts-quantal

Пакет linux-lts-raring

Пакет linux-lts-saucy

Пакет linux-lts-trusty

Пакет linux-lts-utopic

Пакет linux-lts-vivid

Пакет linux-lts-wily

Пакет linux-lts-xenial

Пакет linux-maguro

Пакет linux-mako

Пакет linux-manta

Пакет linux-qcm-msm

Пакет linux-raspi2

Пакет linux-snapdragon

Пакет linux-ti-omap4

Ссылки на источники

Связанные уязвимости