CVE-2012-1090

EPSS 0.06%
Veröffentlicht 17.05.2012 11:00:37
Zuletzt bearbeitet 11.04.2025 00:51:21
Quelle secalert@redhat.com
Teams Watchlist Login
Unerledigt Login

The cifs_lookup function in fs/cifs/dir.c in the Linux kernel before 3.2.10 allows local users to cause a denial of service (OOPS) via attempted access to a special file, as demonstrated by a FIFO.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 13

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Linux ≫ Linux Kernel Version < 3.2.10

Redhat ≫ Enterprise Mrg Version2.0

Suse ≫ Linux Enterprise Desktop Version11 Updatesp1

Suse ≫ Linux Enterprise Desktop Version11 Updatesp2

Suse ≫ Linux Enterprise High Availability Extension Version11 Updatesp1

Suse ≫ Linux Enterprise High Availability Extension Version11 Updatesp2

Suse ≫ Linux Enterprise Server Version11 Updatesp1

Suse ≫ Linux Enterprise Server Version11 Updatesp1 SwPlatformvmware

Suse ≫ Linux Enterprise Server Version11 Updatesp2 SwPlatformvmware

Suse ≫ Linux Enterprise Server Version11 Updatesp2 SwEdition-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.06%	0.19

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5.5	1.8	3.6	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov	4.9	3.9	6.9	AV:L/AC:L/Au:N/C:N/I:N/A:C

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00021.html

Third Party Advisory

Mailing List

http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00013.html

Third Party Advisory

Mailing List

http://secunia.com/advisories/48964

Broken Link

http://rhn.redhat.com/errata/RHSA-2012-0531.html

Third Party Advisory

http://rhn.redhat.com/errata/RHSA-2012-0481.html

Third Party Advisory