Lucene search

K
cve[email protected]CVE-2012-2313
HistoryJun 13, 2012 - 10:24 a.m.

CVE-2012-2313

2012-06-1310:24:00
CWE-264
web.nvd.nist.gov
51
cve-2012-2313
linux kernel
drivers/net/ethernet
dlink
dl2k.c
siocsmiireg
ioctl
security vulnerability

5.2 Medium

AI Score

Confidence

High

1.2 Low

CVSS2

Access Vector

LOCAL

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:H/Au:N/C:N/I:N/A:P

0.0005 Low

EPSS

Percentile

13.7%

The rio_ioctl function in drivers/net/ethernet/dlink/dl2k.c in the Linux kernel before 3.3.7 does not restrict access to the SIOCSMIIREG command, which allows local users to write data to an Ethernet adapter via an ioctl call.

5.2 Medium

AI Score

Confidence

High

1.2 Low

CVSS2

Access Vector

LOCAL

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:H/Au:N/C:N/I:N/A:P

0.0005 Low

EPSS

Percentile

13.7%