Vulnerability CVE-2012-0879 - Russian Vulnerability Scanner Database

Scores

EPSS

0.000very_low0.0%

0%20%40%60%80%100%

Percentile: 0.0%

CVSS

5.5medium3.x

0246810

CVSS Score: 5.5/10

All CVSS Scores

CVSS 3.x

5.5

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CVSS 2.0

4.9

Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C

Description

The I/O implementation for block devices in the Linux kernel before 2.6.33 does not properly handle the CLONE_IO feature, which allows local users to cause a denial of service (I/O instability) by starting multiple processes that share an I/O context.

Sources

debiannvdredhatubuntu

CWEs

CWE-400

Related Vulnerabilities

BDU:2015-01796

Exploits

Exploit ID: 24459

Source: exploitdb

URL: https://www.exploit-db.com/exploits/24459

Exploit ID: 25444

Source: exploitdb

URL: https://www.exploit-db.com/exploits/25444

Exploit ID: 26131

Source: exploitdb

URL: https://www.exploit-db.com/exploits/26131

Exploit ID: 33589

Source: exploitdb

URL: https://www.exploit-db.com/exploits/33589

Exploit ID: 38465

Source: exploitdb

URL: https://www.exploit-db.com/exploits/38465

Exploit ID: CVE-2013-2094

Source: github-poc

URL: https://github.com/letsr00t/CVE-2013-2094

Recommendations

Source: nvd

Before applying this update, make sure all previously-released erratarelevant to your system have been applied.
This update is available via the Red Hat Network. Details on how touse the Red Hat Network to apply this update are available athttps://access.redhat.com/knowledge/articles/11258

URL: http://rhn.redhat.com/errata/RHSA-2012-0531.html

Source: nvd

Before applying this update, make sure all previously-released erratarelevant to your system have been applied.
This update is available via the Red Hat Network. Details on how touse the Red Hat Network to apply this update are available athttps://access.redhat.com/knowledge/articles/11258
To install kernel packages manually, use “rpm -ivh [package]”. Do notuse “rpm -Uvh” as that will remove the running kernel binaries fromyour system. You may use “rpm -e” to remove old kernels afterdetermining that the new kernel functions properly on your system.

URL: http://rhn.redhat.com/errata/RHSA-2012-0481.html

Vulnerable Software (9)

Type: Configuration

Product: kernel

Operating System: rhel 6

Trait:

{  "fixed": "2.6.32-220.13.1.el6"}

Source: redhat

Type: Configuration

Product: linux

Operating System: ubuntu hardy 8.04

Trait:

{  "unaffected": true}

Source: ubuntu

Type: Configuration

Product: linux-2.6

Operating System: debian

Trait:

{  "fixed": "2.6.33-1"}

Source: debian

Type: Configuration

Vendor: *

Product: debian_linux

Operating System: * * *

Trait:

{  "cpe_match": [    {      "cpe23uri": "cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*",      "vulnerable": true    }  ],  "operator": "OR"}

Source: nvd

Type: Configuration

Vendor: *

Product: linux_enterprise_desktop

Operating System: * * *

Trait:

{  "cpe_match": [    {      "cpe23uri": "cpe:2.3:o:suse:linux_enterprise_desktop:11:sp1:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:suse:linux_enterprise_deskto...

{  "cpe_match": [    {      "cpe23uri": "cpe:2.3:o:suse:linux_enterprise_desktop:11:sp1:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:suse:linux_enterprise_desktop:11:sp2:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:suse:linux_enterprise_high_availability_extension:11:sp1:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:suse:linux_enterprise_server:11:sp1:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:suse:linux_enterprise_server:11:sp1:*:*:*:vmware:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:*:*:*:*",      "vulnerable": true    }  ],  "operator": "OR"}

Source: nvd

Type: Configuration

Vendor: *

Product: linux_enterprise_high_availability_extension

Operating System: * * *

Trait:

{  "cpe_match": [    {      "cpe23uri": "cpe:2.3:o:suse:linux_enterprise_desktop:11:sp1:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:suse:linux_enterprise_deskto...

{  "cpe_match": [    {      "cpe23uri": "cpe:2.3:o:suse:linux_enterprise_desktop:11:sp1:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:suse:linux_enterprise_desktop:11:sp2:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:suse:linux_enterprise_high_availability_extension:11:sp1:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:suse:linux_enterprise_server:11:sp1:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:suse:linux_enterprise_server:11:sp1:*:*:*:vmware:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:*:*:*:*",      "vulnerable": true    }  ],  "operator": "OR"}

Source: nvd

Type: Configuration

Vendor: *

Product: linux_enterprise_server

Operating System: * * *

Trait:

{  "cpe_match": [    {      "cpe23uri": "cpe:2.3:o:suse:linux_enterprise_desktop:11:sp1:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:suse:linux_enterprise_deskto...

{  "cpe_match": [    {      "cpe23uri": "cpe:2.3:o:suse:linux_enterprise_desktop:11:sp1:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:suse:linux_enterprise_desktop:11:sp2:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:suse:linux_enterprise_high_availability_extension:11:sp1:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:suse:linux_enterprise_server:11:sp1:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:suse:linux_enterprise_server:11:sp1:*:*:*:vmware:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:*:*:*:*",      "vulnerable": true    }  ],  "operator": "OR"}

Source: nvd

Type: Configuration

Vendor: *

Product: linux_kernel

Operating System: * * *

Trait:

{  "cpe_match": [    {      "cpe23uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",      "versionEndExcluding": "2.6.33",      "vulnerable": true    }  ],  "operator": "OR"}

Source: nvd

Type: Configuration

Vendor: *

Product: ubuntu_linux

Operating System: * * *

Trait:

{  "cpe_match": [    {      "cpe23uri": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*",      "vulnerable": true    }  ],  "operator": "OR"}

Source: nvd

End of list

Russian Vulnerability Scanner Database

CVE-2012-0879

Scores

EPSS

CVSS

All CVSS Scores

Vector Breakdown

CVSS

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact

Vector Breakdown

CVSS

Attack Vector

Attack Complexity

Authentication

Confidentiality Impact

Integrity Impact

Availability Impact

Description

Scaner-VS 7 — a modern vulnerability management solution

Sources

CWEs

Related Vulnerabilities

Exploits

Recommendations

Vulnerable Software (9)