CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
EPSS
Percentile
5.1%
The Linux kernel before 3.2.2 does not properly restrict SG_IO ioctl calls,
which allows local users to bypass intended restrictions on disk read and
write operations by sending a SCSI command to (1) a partition block device
or (2) an LVM volume.
Author | Note |
---|---|
apw | This seems to be seens as the right thing to do, but not so late in 3.2, expect to see something applied in the early merge window https://lkml.org/lkml/2011/12/22/366 The fixes have now hit mainline, there is a strong possibility that when these are applied to older releases we will get functionality regressions, will get them on precise as soon as possible. |
launchpad.net/bugs/cve/CVE-2011-4127
lkml.org/lkml/2004/8/12/218
lkml.org/lkml/2004/8/12/260
lkml.org/lkml/2011/12/22/270
nvd.nist.gov/vuln/detail/CVE-2011-4127
security-tracker.debian.org/tracker/CVE-2011-4127
ubuntu.com/security/notices/USN-1384-1
ubuntu.com/security/notices/USN-1384-1
ubuntu.com/security/notices/USN-1388-1
ubuntu.com/security/notices/USN-1389-1
ubuntu.com/security/notices/USN-1405-1
www.cve.org/CVERecord?id=CVE-2011-4127