CVE-2012-1090

EPSS 0.06%
Published 17.05.2012 11:00:37
Last modified 11.04.2025 00:51:21
Source secalert@redhat.com
Teams watchlist Login
Open Login

The cifs_lookup function in fs/cifs/dir.c in the Linux kernel before 3.2.10 allows local users to cause a denial of service (OOPS) via attempted access to a special file, as demonstrated by a FIFO.

Affected products Warnungen 0 Metrics 3 CWE 1 References 13

Data is provided by the National Vulnerability Database (NVD)

Linux ≫ Linux Kernel Version < 3.2.10

Redhat ≫ Enterprise Mrg Version2.0

Suse ≫ Linux Enterprise Desktop Version11 Updatesp1

Suse ≫ Linux Enterprise Desktop Version11 Updatesp2

Suse ≫ Linux Enterprise High Availability Extension Version11 Updatesp1

Suse ≫ Linux Enterprise High Availability Extension Version11 Updatesp2

Suse ≫ Linux Enterprise Server Version11 Updatesp1

Suse ≫ Linux Enterprise Server Version11 Updatesp1 SwPlatformvmware

Suse ≫ Linux Enterprise Server Version11 Updatesp2 SwPlatformvmware

Suse ≫ Linux Enterprise Server Version11 Updatesp2 SwEdition-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.06%	0.19

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	5.5	1.8	3.6	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov	4.9	3.9	6.9	AV:L/AC:L/Au:N/C:N/I:N/A:C

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00021.html

Third Party Advisory

Mailing List

http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00013.html

Third Party Advisory

Mailing List

http://secunia.com/advisories/48964

Broken Link

http://rhn.redhat.com/errata/RHSA-2012-0531.html

Third Party Advisory

http://rhn.redhat.com/errata/RHSA-2012-0481.html

Third Party Advisory