Lucene search
HistoryJun 21, 2012 - 11:55 p.m.
CVE-2012-0028
CVSS2
7.2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
AI Score
7.5
Confidence
High
EPSS
0
Percentile
5.1%
The robust futex implementation in the Linux kernel before 2.6.28 does not properly handle processes that make exec system calls, which allows local users to cause a denial of service or possibly gain privileges by writing to a memory location in a child process.
Affected configurations
Node
linuxlinux_kernelRange≤2.6.27.62
ORlinuxlinux_kernelMatch2.6.27
ORlinuxlinux_kernelMatch2.6.27.1
ORlinuxlinux_kernelMatch2.6.27.2
ORlinuxlinux_kernelMatch2.6.27.3
ORlinuxlinux_kernelMatch2.6.27.4
ORlinuxlinux_kernelMatch2.6.27.5
ORlinuxlinux_kernelMatch2.6.27.6
ORlinuxlinux_kernelMatch2.6.27.7
ORlinuxlinux_kernelMatch2.6.27.8
ORlinuxlinux_kernelMatch2.6.27.9
ORlinuxlinux_kernelMatch2.6.27.10
ORlinuxlinux_kernelMatch2.6.27.11
ORlinuxlinux_kernelMatch2.6.27.12
ORlinuxlinux_kernelMatch2.6.27.13
ORlinuxlinux_kernelMatch2.6.27.14
ORlinuxlinux_kernelMatch2.6.27.15
ORlinuxlinux_kernelMatch2.6.27.16
ORlinuxlinux_kernelMatch2.6.27.17
ORlinuxlinux_kernelMatch2.6.27.18
ORlinuxlinux_kernelMatch2.6.27.19
ORlinuxlinux_kernelMatch2.6.27.20
ORlinuxlinux_kernelMatch2.6.27.21
ORlinuxlinux_kernelMatch2.6.27.22
ORlinuxlinux_kernelMatch2.6.27.23
ORlinuxlinux_kernelMatch2.6.27.24
ORlinuxlinux_kernelMatch2.6.27.25
ORlinuxlinux_kernelMatch2.6.27.26
ORlinuxlinux_kernelMatch2.6.27.27
ORlinuxlinux_kernelMatch2.6.27.28
ORlinuxlinux_kernelMatch2.6.27.29
ORlinuxlinux_kernelMatch2.6.27.30
ORlinuxlinux_kernelMatch2.6.27.31
ORlinuxlinux_kernelMatch2.6.27.32
ORlinuxlinux_kernelMatch2.6.27.33
ORlinuxlinux_kernelMatch2.6.27.34
ORlinuxlinux_kernelMatch2.6.27.35
ORlinuxlinux_kernelMatch2.6.27.36
ORlinuxlinux_kernelMatch2.6.27.37
ORlinuxlinux_kernelMatch2.6.27.38
ORlinuxlinux_kernelMatch2.6.27.39
ORlinuxlinux_kernelMatch2.6.27.40
ORlinuxlinux_kernelMatch2.6.27.41
ORlinuxlinux_kernelMatch2.6.27.42
ORlinuxlinux_kernelMatch2.6.27.43
ORlinuxlinux_kernelMatch2.6.27.44
ORlinuxlinux_kernelMatch2.6.27.45
ORlinuxlinux_kernelMatch2.6.27.46
ORlinuxlinux_kernelMatch2.6.27.47
ORlinuxlinux_kernelMatch2.6.27.48
ORlinuxlinux_kernelMatch2.6.27.49
ORlinuxlinux_kernelMatch2.6.27.50
ORlinuxlinux_kernelMatch2.6.27.51
ORlinuxlinux_kernelMatch2.6.27.52
ORlinuxlinux_kernelMatch2.6.27.53
ORlinuxlinux_kernelMatch2.6.27.54
ORlinuxlinux_kernelMatch2.6.27.55
ORlinuxlinux_kernelMatch2.6.27.56
ORlinuxlinux_kernelMatch2.6.27.57
ORlinuxlinux_kernelMatch2.6.27.58
ORlinuxlinux_kernelMatch2.6.27.59
ORlinuxlinux_kernelMatch2.6.27.60
ORlinuxlinux_kernelMatch2.6.27.61
| Vendor | Product | Version | CPE |
|---|---|---|---|
| linux | linux_kernel | * | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
| linux | linux_kernel | 2.6.27 | cpe:2.3:o:linux:linux_kernel:2.6.27:*:*:*:*:*:*:* |
| linux | linux_kernel | 2.6.27.1 | cpe:2.3:o:linux:linux_kernel:2.6.27.1:*:*:*:*:*:*:* |
| linux | linux_kernel | 2.6.27.2 | cpe:2.3:o:linux:linux_kernel:2.6.27.2:*:*:*:*:*:*:* |
| linux | linux_kernel | 2.6.27.3 | cpe:2.3:o:linux:linux_kernel:2.6.27.3:*:*:*:*:*:*:* |
| linux | linux_kernel | 2.6.27.4 | cpe:2.3:o:linux:linux_kernel:2.6.27.4:*:*:*:*:*:*:* |
| linux | linux_kernel | 2.6.27.5 | cpe:2.3:o:linux:linux_kernel:2.6.27.5:*:*:*:*:*:*:* |
| linux | linux_kernel | 2.6.27.6 | cpe:2.3:o:linux:linux_kernel:2.6.27.6:*:*:*:*:*:*:* |
| linux | linux_kernel | 2.6.27.7 | cpe:2.3:o:linux:linux_kernel:2.6.27.7:*:*:*:*:*:*:* |
| linux | linux_kernel | 2.6.27.8 | cpe:2.3:o:linux:linux_kernel:2.6.27.8:*:*:*:*:*:*:* |
References
ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.28
git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=8141c7f3e7aee618312fa1c15109e1219de784a7
www.openwall.com/lists/oss-security/2012/05/08/1
bugzilla.redhat.com/show_bug.cgi?id=771764
github.com/torvalds/linux/commit/8141c7f3e7aee618312fa1c15109e1219de784a7
Related
cvelist
cvelist
CVE-2012-0028
2012-06-21 23:00:00
cve
cve
CVE-2012-0028
2012-06-21 23:55:02
seebug
seebug
Linux kernel 2.6.x “exec()”本地拒绝服务漏洞
2012-02-14 00:00:00
Linux kernel 2.6.x 'exec()'本地拒绝服务漏洞
2012-04-07 00:00:00
ubuntucve
ubuntucve
CVE-2012-0028
2012-01-04 00:00:00
prion
prion
Design/Logic Flaw
2012-06-21 23:55:00
veracode
veracode
Privilege Escalation
2020-04-10 01:07:38
securityvulns
securityvulns
Linux kernel multiple security vulnerabilities
2012-03-10 00:00:00
[USN-1390-1] Linux kernel vulnerabilities
2012-03-10 00:00:00
openvas
openvas
Oracle: Security Advisory (ELSA-2012-0150)
2015-10-06 00:00:00
Ubuntu Update for linux USN-1390-1
2012-03-07 00:00:00
Ubuntu: Security Advisory (USN-1390-1)
2012-03-07 00:00:00
redhat
redhat
(RHSA-2012:0107) Important: kernel security and bug fix update
2012-02-09 00:00:00
(RHSA-2012:0358) Important: kernel security and bug fix update
2012-03-06 00:00:00
(RHSA-2012:0168) Important: rhev-hypervisor5 security and bug fix update
2012-02-21 00:00:00
nessus
nessus
Oracle Linux 5 : kernel (ELSA-2012-0107)
2013-07-12 00:00:00
Ubuntu 8.04 LTS : linux vulnerabilities (USN-1390-1)
2012-03-07 00:00:00
RHEL 5 : kernel (RHSA-2012:0358)
2013-01-24 00:00:00
oraclelinux
oraclelinux
kernel security and bug fix update
2012-02-09 00:00:00
Oracle Linux 5.8 kernel security and bug update
2012-03-01 00:00:00
ubuntu
ubuntu
Linux kernel vulnerabilities
2012-03-06 00:00:00
centos
centos
kernel security update
2012-02-09 21:30:36
vmware
vmware
VMware ESX updates to ESX Service Console
2012-04-26 00:00:00
VMware ESX updates to ESX Service Console
2012-04-26 00:00:00
CVSS2
7.2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
AI Score
7.5
Confidence
High
EPSS
0
Percentile
5.1%
Related for NVD:CVE-2012-0028